Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control certain applications' authorization decisions via a crafted application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat JBoss JBoss EAP 身份验证安全绕过漏洞
Vulnerability Description
Red Hat JBoss Enterprise Application Platform(EAP)和JBoss Portal都是美国红帽(Red Hat)公司的产品。JBoss EAP是一套开源、基于J2EE的中间件平台。JBoss Portal是一套开源且符合标准的门户平台。 Red Hat JBoss EAP 6.1.0之前的版本和JBoss Portal 6.1.0之前的版本中存在安全漏洞,该漏洞源于程序没有正确加载新应用程序的用户身份验证模块。本地攻击者可借助特制的应用程序利用该漏洞控制应用程序
CVSS Information
N/A
Vulnerability Type
N/A