Identity Spoofing Vulnerability in Red Hat JBoss Operations Network (JON)

Identity Spoofing Vulnerability in Red Hat JBoss Operations Network (JON)

CVE-2012-0052 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.

Learn more about our Network Penetration Testing.