CVE-2012-0062

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
VendorProductVersion
redhatjboss_operations_network
𝑥
≤ 2.4.1
redhatjboss_operations_network
2.0.0
redhatjboss_operations_network
2.0.1
redhatjboss_operations_network
2.1.0
redhatjboss_operations_network
2.2
redhatjboss_operations_network
2.3
redhatjboss_operations_network
2.3.1
redhatjboss_operations_network
2.4
redhatjboss_operations_network
3.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2012-0089.html
http://rhn.redhat.com/errata/RHSA-2012-0406.html
https://bugzilla.redhat.com/show_bug.cgi?id=783008
http://rhn.redhat.com/errata/RHSA-2012-0089.html
http://rhn.redhat.com/errata/RHSA-2012-0406.html
https://bugzilla.redhat.com/show_bug.cgi?id=783008