CVE-2014-0248

org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_web_framework_kit:2.5.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-07-07 14:55

Updated : 2024-02-28 12:20


NVD link : CVE-2014-0248

Mitre link : CVE-2014-0248

CVE.ORG link : CVE-2014-0248


JSON object : View

Products Affected

redhat

  • jboss_enterprise_application_platform
  • jboss_enterprise_web_platform
  • jboss_web_framework_kit
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')