Vulnerabilities > Redhat > Jboss Operations Network > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-04 | CVE-2013-4374 | Exposure of Resource to Wrong Sphere vulnerability in Redhat products An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files. | 3.6 |
| 2014-04-01 | CVE-2011-4573 | Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Operations Network Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from being recorded in the audit trail. | 3.5 |
| 2014-04-01 | CVE-2012-0032 | Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Operations Network Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files within the root directory, as demonstrated by obtaining JON credentials. | 3.7 |
| 2013-12-24 | CVE-2013-4452 | Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Operations Network 3.1.2 Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the (1) server and (2) agent configuration files, which allows local users to obtain authentication credentials and other unspecified sensitive information by reading these files. | 2.1 |
| 2013-10-24 | CVE-2013-4293 | Cryptographic Issues vulnerability in Redhat Jboss Operations Network 3.1.2 The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files. | 2.1 |
| 2013-10-24 | CVE-2013-4373 | Improper Input Validation vulnerability in Redhat Jboss Operations Network 3.1.2 The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary directory that is used to unpack zip files. | 3.2 |