Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat JBoss Portal 竞争条件问题漏洞
Vulnerability Description
Red Hat JBoss Portal是美国红帽(Red Hat)公司的一套开源且符合标准的门户平台,它可搭建、布局一个门户网站的Web界面,用于发布、管理内容以及定制用户体验。 Red Hat JBoss Portal 6.2.0版本的gatein-wsrp中GTNSubjectCreatingInterceptor类的实现存在竞争条件问题漏洞。该漏洞源于网络系统或产品在运行过程中,并发代码需要互斥地访问共享资源时,对于并发访问的处理不当。
CVSS Information
N/A
Vulnerability Type
N/A