漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
In JBoss EAP 6 a security domain is configured to use a cache that is shared between all applications that are in the security domain. This could allow an authenticated user in one application to access protected resources in another application without proper authorization. Although this is an intended functionality, it was not clearly documented which can mislead users into thinking that a security domain cache is isolated to a single application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat JBoss Enterprise Application Platform 安全漏洞
Vulnerability Description
Red Hat JBoss Enterprise Application Platform(EAP)是美国红帽(Red Hat)公司的一套开源的、基于J2EE的中间件平台。该平台主要用于构建、部署和托管Java应用程序与服务。 Red Hat JBoss EAP 6版本中存在安全漏洞,该漏洞源于安全域使用了该域中所有应用程序所共享的缓存。攻击者可利用该漏洞访问另一个应用程序中的受保护资源。
CVSS Information
N/A
Vulnerability Type
N/A