CVE-2011-4605

CWE-264 CWE-306 — Missing Authentication5 documents5 sources

Severity

7.5HIGH

EPSS

2.4%

top 14.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Jboss Enterprise Brms Platform Redhat Jboss Enterprise Application Platform Redhat Jboss Enterprise Portal Platform +2 more

Timeline

PublishedNov 23

Latest updateMay 17

Description

The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly restrict write access, which allows remote attackers to add, delete, or modify items in a JNDI tree via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages5 packages

▶NVDredhat/jboss_enterprise_brms_platform5.2.0

▶NVDredhat/jboss_enterprise_portal_platform4.3.0, 5.2.0, 5.2.1+2

▶NVDredhat/jboss_enterprise_application_platform4.3.0, 5.1.2+1

▶NVDredhat/jboss_enterprise_soa_platform4.2.0, 4.3.0+1

▶NVDredhat/jboss_enterprise_web_platform5.1.2

🔴Vulnerability Details

GHSA

GHSA-985p-jvqf-v48m: The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4↗2022-05-17

▶

CVEList

CVE-2011-4605: The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4↗2012-11-23

▶

📋Vendor Advisories

Red Hat

JNDI: unauthenticated remote write access is permitted by default↗2012-06-20

▶

💬Community

Bugzilla

CVE-2011-4605 JNDI: unauthenticated remote write access is permitted by default↗2011-12-12

▶