CVE-2015-5176
5.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:N
Exploitability: 8.6 / Impact: 4.9
Source: NVD
Description
The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource.
Affected (1)
Products: Redhat: Jboss Portal
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.2.0 |
Related CWEs
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.