BSA-2017-469
21436
17 November 2017
17 November 2017
Closed
Medium
6.8
N/A
CVE-2015-5188
Summary
Security Advisory ID : BSA-2017-469
Component : JBOSS Application
Revision : 1.0: Interim
Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests that make arbitrary changes to an instance via vectors involving a file upload using a multipart/form-data submission..
Affected Products
Brocade is investigating its product lines to determine which products may be affected by this vulnerability and the impact on each affected product.
Products Confirmed Not Vulnerable
Brocade Fabric OS is confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | November 17, 2017 |