Description

Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.

Remediation

References

CVE-2013-4128

Related Vulnerabilities

WordPress Plugin WP Limit Login Attempts SQL Injection (2.0.0)

Piwigo Improper Access Control Vulnerability (CVE-2016-10085)

Apache Tomcat version older than 7.0.32

MySQL CVE-2012-3147 Vulnerability (CVE-2012-3147)

MySQL Other Vulnerability (CVE-2007-2692)

Severity

Medium

Classification

CVE-2013-4128

Tags

Missing Update Known Vulnerabilities