WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2014-0248 Vulnerability in maven package org.jboss.seam:jboss-seam

Description

org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging.

Remediation

References

http://rhn.redhat.com/errata/RHSA-2014-0785.html

http://rhn.redhat.com/errata/RHSA-2014-0791.html

http://rhn.redhat.com/errata/RHSA-2014-0792.html

http://rhn.redhat.com/errata/RHSA-2014-0793.html

http://rhn.redhat.com/errata/RHSA-2014-0794.html

http://rhn.redhat.com/errata/RHSA-2015-1888.html

http://secunia.com/advisories/59346

http://secunia.com/advisories/59554

http://secunia.com/advisories/59555

http://www.securitytracker.com/id/1030457

Related Vulnerabilities

CVE-2023-25571 Vulnerability in npm package @backstage/core-components

CVE-2023-20859 Vulnerability in maven package org.springframework.vault:spring-vault-core

CVE-2016-6636 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-login

CVE-2019-1003044 Vulnerability in maven package org.jenkins-ci.plugins:slack

CVE-2019-1003005 Vulnerability in maven package org.jenkins-ci.plugins:script-security

Severity

Critical

Classification

CWE-94

Tags

Vendor Advisory