Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 before 20070416 uses a member variable to store the roles of the current user, which allows remote authenticated administrators to trigger a race condition and gain privileges by logging in during a session by a more privileged administrator, as demonstrated by privilege escalation from Read Mode to Write Mode.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
JMX Console in JBoss Application Server 远程口令登陆漏洞
Vulnerability Description
JMX Console in JBoss Application Server 4.0.2版本和4.0.5 20070416版本之前的版本的访问权控制功能(JMXOpsAccessControlFilter)运行一个自变量来储存现有用户的角色,这会允许远程验证管理员通过在于多个特权管理员会话的时候登录,触发一个竞争状态并获得特权,例如对Write Mode的Read Mode的特权升级。
CVSS Information
N/A
Vulnerability Type
N/A