CVE-2012-0052 Information

Description

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.

Reference

http://rhn.redhat.com/errata/RHSA-2012-0089.html http://rhn.redhat.com/errata/RHSA-2012-0406.html https://bugzilla.redhat.com/show_bug.cgi?id=781964