CVE-2007-1354

Impact:: Low
Public Date:: 2007-04-15

Bugzilla:: 1618298: CVE-2007-1354 security flaw

The MITRE CVE dictionary describes this issue as:

The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 before 20070416 uses a member variable to store the roles of the current user, which allows remote authenticated administrators to trigger a race condition and gain privileges by logging in during a session by a more privileged administrator, as demonstrated by privilege escalation from Read Mode to Write Mode.

Find out more about CVE-2007-1354 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform	Errata	Release Date
JBoss Application Server 4	RHSA-2007:0151	2007-04-16

Last Modified 2018-08-16T21:20:47+00:00

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

CVE-2007-1354

Red Hat Security Errata