Vulnerability Details CVE-2012-5626
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2012-5626
-
cpe:2.3:a:redhat:jboss_brms:5
-
cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0
-
cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.0
-
cpe:2.3:a:redhat:jboss_operations_network:3.1
-
cpe:2.3:a:redhat:jboss_portal:4.0.0
-
cpe:2.3:a:redhat:jboss_portal:5.0.0
-
cpe:2.3:a:redhat:jboss_soa_platform:4.2
-
cpe:2.3:a:redhat:jboss_soa_platform:4.3
-
cpe:2.3:a:redhat:jboss_soa_platform:5