NVD

Id
10962  
Name
CVE-2011-4573  
Description
Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from being recorded in the audit trail.  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2014-04-01  
Modified Date
2014-04-01  
Seq
2011-4573  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
61171 10962 CVE-2011-4573 RHSA-2012:0089  View
61172 10962 CVE-2011-4573 https://bugzilla.redhat.com/show_bug.cgi?id=760024  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
35067 JVNDB-2011-005309 Red Hat JBoss Operations Network における操作の監査証跡への記録を回避される脆弱性 Red Hat JBoss Operations Network (JON) は、グループ接続プロパティの履歴からプラグイン設定の更新を削除する際、リモート認証されたユーザに対する "リソースの変更 (modify resource)" パーミッションを適切に処理しないため、その操作の監査証跡への記録を回避される脆弱性が存在します。 CVE-2011-4573 52480 CVE-2011-4573 10962 3.5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005309.html 2011-12-05 2014-04-02 View