CVE-2007-1354

Impact:
Low
Public Date:
2007-04-15
Bugzilla:
1618298: CVE-2007-1354 security flaw

The MITRE CVE dictionary describes this issue as:

The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 before 20070416 uses a member variable to store the roles of the current user, which allows remote authenticated administrators to trigger a race condition and gain privileges by logging in during a session by a more privileged administrator, as demonstrated by privilege escalation from Read Mode to Write Mode.

Find out more about CVE-2007-1354 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
JBoss Application Server 4 RHSA-2007:0151 2007-04-16

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.