Medium severity 5.3 · NVD Advisory · Published Jan 5, 2013 · Updated May 14, 2026
CVE-2012-4550
Description
A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans (EJB) access, the system does not correctly call the necessary authorization modules. This prevents Java Authorization Contract for Containers (JACC) permissions from being applied, allowing remote attackers to gain unauthorized access to EJBs.
Affected products
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
Patches
No patches discovered yet.
References
- rhn.redhat.com/errata/RHSA-2012-1591.html (nvd, Vendor Advisory)
- rhn.redhat.com/errata/RHSA-2012-1592.html (nvd, Vendor Advisory)
- rhn.redhat.com/errata/RHSA-2012-1594.html (nvd, Vendor Advisory)
- secunia.com/advisories/51607 (nvd, Vendor Advisory)
- access.redhat.com/errata/RHSA-2012:1591 (nvd)
- access.redhat.com/errata/RHSA-2012:1592 (nvd)
- access.redhat.com/errata/RHSA-2012:1594 (nvd)
- access.redhat.com/security/cve/CVE-2012-4550 (nvd)