Unrated severityNVD Advisory· Published Feb 5, 2013· Updated Jun 16, 2026
CVE-2012-5478
CVE-2012-5478
Description
The AuthorizationInterceptor in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 does not properly restrict access, which allows remote authenticated users to bypass intended role restrictions and perform arbitrary JMX operations via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*
- (no CPE)range: <5.2.0
- cpe:2.3:a:redhat:jboss_enterprise_brms_platform:*:*:*:*:*:*:*:*Range: <=5.3.0
- cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
15- rhn.redhat.com/errata/RHSA-2013-0191.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0192.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0193.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0194.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0195.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0196.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0197.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0198.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0221.htmlnvdVendor Advisory
- secunia.com/advisories/51984nvdVendor Advisory
- secunia.com/advisories/52054nvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0533.htmlnvd
- securitytracker.com/idnvd
- www.osvdb.org/89580nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/81514nvd
News mentions
0No linked articles in our index yet.