CVE-2011-4573 — LOW (3.5) — White Hats Nepal

Q: How severe is CVE-2011-4573?

CVE-2011-4573 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2011-4573?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Jboss Operations Network.

Vulnerability Description

Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from being recorded in the audit trail.

CVSS Score

3.5

LOW

AV:N/AC:M/Au:S/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Redhat	Jboss Operations Network	<= 2.4.1

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2011-4573?

CVE-2011-4573 is a vulnerability with a CVSS score of 3.5 (LOW). Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group c...

How severe is CVE-2011-4573?

CVE-2011-4573 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-4573?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Jboss Operations Network.