CVE-2012-2148

CWE-269Improper Privilege Management5 documents5 sources
Severity
3.3LOW
EPSS
0.1%
top 71.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Jbossas4 ASRedhat Jboss Community Application ServerRedhat Jboss Enterprise WEB Server
Timeline
PublishedDec 6
Latest updateApr 23

Description

An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages3 packages

CVEListV5jbossas4/as7.1.1

🔴Vulnerability Details

2
GHSA
GHSA-fxg2-qg2r-vp8h: An issue exists in the property replacements feature in any descriptor in JBoxx AS 72022-04-23
CVEList
CVE-2012-2148: An issue exists in the property replacements feature in any descriptor in JBoxx AS 72019-12-06

📋Vendor Advisories

1
Red Hat
7: Property replacement in any descriptor ignores java security policies2012-06-12

💬Community

1
Bugzilla
CVE-2012-2148 JBoss AS 7: Property replacement in any descriptor ignores java security policies2012-04-30