Redhat Jboss Application Server — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Jboss Application Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2012-2312 — CVSS 7.8 (high): An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation…
CVE-2012-1094 — CVSS 7.5 (high): JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be…
CVE-2013-3734 — CVSS 6.6 (medium): The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which…
CVE-2011-3609 — CVSS 6.5 (medium): A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console…
CVE-2011-3606 — CVSS 5.4 (medium): A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote…