CVE-2010-2474
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
10/08/2010
Last modified:
11/04/2025
Description
JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain with which a service is secured, which might allow remote attackers to gain privileges by executing a service.
Impact
Base Score 2.0
3.50
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:redhat:jboss_enterprise_service_bus:*:*:*:*:*:*:*:* | 4.7 (including) | |
| cpe:2.3:a:redhat:jboss_enterprise_service_bus:4.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_service_bus:4.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_service_bus:4.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_service_bus:4.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_service_bus:4.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_service_bus:4.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_service_bus:4.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp01:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp02:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp03:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp04:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp05:*:*:*:*:*:* | ||
| cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:tp02:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/40568
- http://secunia.com/advisories/40681
- http://www.redhat.com/docs/en-US/JBoss_SOA_Platform/5.0.2/html/5.0.2_Release_Notes/index.html
- https://bugzilla.redhat.com/show_bug.cgi?id=609442
- https://jira.jboss.org/browse/JBESB-3345
- http://secunia.com/advisories/40568
- http://secunia.com/advisories/40681
- http://www.redhat.com/docs/en-US/JBoss_SOA_Platform/5.0.2/html/5.0.2_Release_Notes/index.html
- https://bugzilla.redhat.com/show_bug.cgi?id=609442
- https://jira.jboss.org/browse/JBESB-3345