Description
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.
Remediation
References