CVE-2012-1154
Description
mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when ROOT is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed on the root context via unspecified vectors.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.258
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 5.1.2 | Windows |
| Vulnerabilities CVE-2012-1154 are fixed in JBoss - mod_cluster 1.1.4 | Windows |
| Vulnerabilities CVE-2012-1154 are fixed in JBoss - mod_cluster for Linux 1.1.4 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234