CVE-2013-4112 Vulnerability in maven package org.jgroups:jgroups

Description

The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.

Remediation

References

http://rhn.redhat.com/errata/RHSA-2013-1207.html

http://rhn.redhat.com/errata/RHSA-2013-1208.html

http://rhn.redhat.com/errata/RHSA-2013-1209.html

http://rhn.redhat.com/errata/RHSA-2013-1437.html

http://rhn.redhat.com/errata/RHSA-2013-1771.html

http://rhn.redhat.com/errata/RHSA-2014-0029.html

https://bugzilla.redhat.com/show_bug.cgi?id=983489

Related Vulnerabilities

CVE-2005-4849 Vulnerability in maven package org.apache.derby:derby

CVE-2011-3375 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

CVE-2017-16206 Vulnerability in npm package cofee-script

CVE-2017-7683 Vulnerability in maven package org.apache.openmeetings:openmeetings-server

CVE-2017-16065 Vulnerability in npm package openssl.js

Severity

Critical

Classification

CWE-200