CVE-2010-2474
Last modified
CVE-2010-2474 is a vulnerability of currently unknown severity. JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain with which a service is secured, which might allow remote attackers to gain privileges by executing a service.. EPSS estimates a 0.90% chance of exploitation in the next 30 days.
Description
JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain with which a service is secured, which might allow remote attackers to gain privileges by executing a service.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Jboss Enterprise Service Bus | <= 4.7 |
| Redhat | Jboss Enterprise Service Bus | 4.0 |
| Redhat | Jboss Enterprise Service Bus | 4.2 |
| Redhat | Jboss Enterprise Service Bus | 4.2.1 |
| Redhat | Jboss Enterprise Service Bus | 4.3 |
| Redhat | Jboss Enterprise Service Bus | 4.4 |
| Redhat | Jboss Enterprise Service Bus | 4.5 |
| Redhat | Jboss Enterprise Service Bus | 4.6 |
| Redhat | Jboss Enterprise Soa Platform | 4.2.0 |
| Redhat | Jboss Enterprise Soa Platform | 4.3.0 |
| Redhat | Jboss Enterprise Soa Platform | 5.0.0 |
| Redhat | Jboss Enterprise Soa Platform | 5.0.1 |
References
- http://secunia.com/advisories/40568Vendor Advisory
- http://secunia.com/advisories/40681Vendor Advisory
- http://secunia.com/advisories/40568Vendor Advisory
- http://secunia.com/advisories/40681Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-2474?
How severe is CVE-2010-2474?
How do I fix CVE-2010-2474?
Are you affected by CVE-2010-2474?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST