WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2014-0248 Vulnerability in maven package org.jboss.seam:jboss-seam

Description

org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging.

Remediation

References

http://rhn.redhat.com/errata/RHSA-2014-0785.html

http://rhn.redhat.com/errata/RHSA-2014-0791.html

http://rhn.redhat.com/errata/RHSA-2014-0792.html

http://rhn.redhat.com/errata/RHSA-2014-0793.html

http://rhn.redhat.com/errata/RHSA-2014-0794.html

http://rhn.redhat.com/errata/RHSA-2015-1888.html

http://secunia.com/advisories/59346

http://secunia.com/advisories/59554

http://secunia.com/advisories/59555

http://www.securitytracker.com/id/1030457

Related Vulnerabilities

CVE-2021-31812 Vulnerability in maven package org.apache.pdfbox:pdfbox

CVE-2017-1000093 Vulnerability in maven package org.jenkins-ci.plugins:pollscm

CVE-2020-28923 Vulnerability in maven package com.typesafe.play:play

CVE-2023-26471 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rendering-async-api

CVE-2017-8046 Vulnerability in maven package org.springframework.data:spring-data-rest-webmvc

Severity

Critical

Classification

CWE-94

Tags

Vendor Advisory