CVE-2011-4085

NONECVSS 0.0

0.0

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication by sending a request with a different method. NOTE: this vulnerability exists because of a CVE-2010-0738 regression.

🔗 References (22)

secalert@redhathttp://rhn.redhat.com/errata/RHSA-2011-1456.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2011-1798.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2011-1799.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2011-1800.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2011-1805.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2011-1822.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2012-0091.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2012-1028.html
secalert@redhathttp://secunia.com/advisories/47169
secalert@redhathttp://secunia.com/advisories/47866
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=750422
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2011-1456.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2011-1798.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2011-1799.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2011-1800.html

Is Your Infrastructure Affected by CVE-2011-4085?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2011-4085

📅 Published

🔄 Last Modified

🔗 References (22)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2011-4085?