Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4573

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2011-4573
Last Modified 01 Apr 2014 10:38:49
Published 01 Apr 2014 02:35:52
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2011-4573

Summary

Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from being recorded in the audit trail.

Vulnerable Systems

Application

  • Redhat Jboss Operations Network 1.0.0

  • Redhat Jboss Operations Network 2.0.0

  • Redhat Jboss Operations Network 2.0.1

  • Redhat Jboss Operations Network 2.1.0

  • Redhat Jboss Operations Network 2.2

  • Redhat Jboss Operations Network 2.3

  • Redhat Jboss Operations Network 2.3.1

  • Redhat Jboss Operations Network 2.4

  • Redhat Jboss Operations Network 2.4.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=760024

REDHAT - RHSA-2012:0089


Last Updated: 27 May 2016 11:04:49