CVE-2011-2908 Information

Feb 14, 2021 cve

Description

Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform before 5.2.2 BRMS Platform 5.3.0 before roll up patch1 and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users for requests that perform operations on MBeans and possibly execute arbitrary code via unspecified vectors.

Reference

http://rhn.redhat.com/errata/RHSA-2012-1152.html http://rhn.redhat.com/errata/RHSA-2012-1165.html http://rhn.redhat.com/errata/RHSA-2012-1232.html http://rhn.redhat.com/errata/RHSA-2013-0191.html http://rhn.redhat.com/errata/RHSA-2013-0192.html http://rhn.redhat.com/errata/RHSA-2013-0193.html http://rhn.redhat.com/errata/RHSA-2013-0194.html http://rhn.redhat.com/errata/RHSA-2013-0195.html http://rhn.redhat.com/errata/RHSA-2013-0196.html http://rhn.redhat.com/errata/RHSA-2013-0197.html http://rhn.redhat.com/errata/RHSA-2013-0198.html http://secunia.com/advisories/50230 http://secunia.com/advisories/50549 http://secunia.com/advisories/51984 http://www.osvdb.org/84530 http://www.securityfocus.com/bid/54915 https://bugzilla.redhat.com/show_bug.cgi?id=730176 https://exchange.xforce.ibmcloud.com/vulnerabilities/77549

Share on: