CVE-2011-4085

CWE-287 — Improper Authentication6 documents6 sources

Severity

6.8MEDIUM

EPSS

0.7%

top 27.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Jboss Enterprise Application Platform Redhat Jboss Enterprise Brms Platform Redhat Jboss Enterprise Portal Platform +1 more

Timeline

PublishedNov 23

Latest updateMay 17

Description

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication by sending a request with a different method. NOTE: this vulnerability exists because of a CVE-2010-0738 regression.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages4 packages

▶NVDredhat/jboss_enterprise_brms_platform5.2.0

▶NVDredhat/jboss_enterprise_portal_platform4.3.0

▶NVDredhat/jboss_enterprise_application_platform5.1.1+5

▶NVDredhat/jboss_enterprise_soa_platform5.1.1+6

🔴Vulnerability Details

GHSA

GHSA-24wp-35x7-5hx9: The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5↗2022-05-17

▶

CVEList

CVE-2011-4085: The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5↗2012-11-23

▶

VulnCheck

Red Hat JBoss Application Server Improper Authentication↗2011

▶

📋Vendor Advisories

Red Hat

Invoker servlets authentication bypass (HTTP verb tampering)↗2011-11-16

▶

💬Community

Bugzilla

CVE-2011-4085 Invoker servlets authentication bypass (HTTP verb tampering)↗2011-11-01

▶