Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login to LDAP-based accounts via an arbitrary password in a login request.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2012-0396.html | Vendor Advisory |
http://rhn.redhat.com/errata/RHSA-2012-0406.html | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=799789 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2014-02-14 15:55
Updated : 2024-02-28 12:20
NVD link : CVE-2012-1100
Mitre link : CVE-2012-1100
CVE.ORG link : CVE-2012-1100
JSON object : View
Products Affected
redhat
- jboss_operations_network
CWE
CWE-287
Improper Authentication