JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a crafted IP multicast.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-11-23T20:00:00

Updated: 2024-08-06T19:34:23.942Z

Reserved: 2012-04-19T00:00:00

Link: CVE-2012-2377

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-11-23T20:55:02.837

Modified: 2024-11-21T01:38:58.847

Link: CVE-2012-2377

cve-icon Redhat

Severity : Low

Publid Date: 2012-06-12T00:00:00Z

Links: CVE-2012-2377 - Bugzilla