Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from being recorded in the audit trail.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat JBoss Operations Network 权限许可和访问控制漏洞
Vulnerability Description
Red Hat Red Hat JBoss Operations Network(JON)是美国红帽(Red Hat)公司的一款基于J2EE的开源应用程序服务器,它可部署、管理、监控JBoss企业中间件、应用程序和服务。 Red Hat JON 2.4.1及之前的版本中存在安全漏洞,该漏洞源于当从组连接属性的历史中删除插件配置更新时,程序没有验证用户的修改资源权限。攻击者可利用该漏洞删除插件配置更新。
CVSS Information
N/A
Vulnerability Type
N/A