VYPR

Operations Network 3

by JBoss

CVEs (2)

  • CVE-2010-0737HigOct 30, 2019
    risk 0.52cvss 8.0epss 0.01

    A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.

  • CVE-2019-3834HigOct 3, 2019
    risk 0.48cvss 7.3epss 0.01

    It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON). This flaw allows attackers to manipulate ClassLoader properties on a vulnerable server. Exploits that have been published rely on ClassLoader properties that are exposed such as…