Vulnerability Details CVE-2012-0052
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.6%
CVSS Severity
CVSS v2 Score 5.8
References
Products affected by CVE-2012-0052
-
cpe:2.3:a:redhat:jboss_operations_network:1.0.0
-
cpe:2.3:a:redhat:jboss_operations_network:2.0.0
-
cpe:2.3:a:redhat:jboss_operations_network:2.0.1
-
cpe:2.3:a:redhat:jboss_operations_network:2.1.0
-
cpe:2.3:a:redhat:jboss_operations_network:2.1.2
-
cpe:2.3:a:redhat:jboss_operations_network:2.2
-
cpe:2.3:a:redhat:jboss_operations_network:2.3
-
cpe:2.3:a:redhat:jboss_operations_network:2.3.1
-
cpe:2.3:a:redhat:jboss_operations_network:2.4
-
cpe:2.3:a:redhat:jboss_operations_network:2.4.1
-
cpe:2.3:a:redhat:jboss_operations_network:3.0