What is the severity of CVE-2013-4128?

CVE-2013-4128 is classified as a moderate severity vulnerability.

How do I fix CVE-2013-4128?

Fix CVE-2013-4128 by updating Red Hat JBoss Enterprise Application Platform to the latest version that addresses this vulnerability.

Who is affected by CVE-2013-4128?

CVE-2013-4128 affects users of Red Hat JBoss Enterprise Application Platform version 6.1.0.

What type of attack does CVE-2013-4128 enable?

CVE-2013-4128 allows a remote attacker to exploit a flaw in connection caching for remote EJB invocations.

What is the main issue caused by CVE-2013-4128?

CVE-2013-4128 allows an attacker to obtain a previously authenticated connection via an EJB client.

Vulnerability/
CVE-2013-4128

medium

6.4

CWE

16/7/2013

16/8/2013

12/5/2023

CVE-2013-4128

First published: Tue Jul 16 2013(Updated: )

A flaw was discovered in the way connections for remote EJB invocations via the remote-naming project were cached on the server. A remote attacker could exploit this flaw by using an EJB client to get a previously authenticated connection.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
JBoss Enterprise Application Platform	=6.1.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4128?
CVE-2013-4128 is classified as a moderate severity vulnerability.
How do I fix CVE-2013-4128?
Fix CVE-2013-4128 by updating Red Hat JBoss Enterprise Application Platform to the latest version that addresses this vulnerability.
Who is affected by CVE-2013-4128?
CVE-2013-4128 affects users of Red Hat JBoss Enterprise Application Platform version 6.1.0.
What type of attack does CVE-2013-4128 enable?
CVE-2013-4128 allows a remote attacker to exploit a flaw in connection caching for remote EJB invocations.
What is the main issue caused by CVE-2013-4128?
CVE-2013-4128 allows an attacker to obtain a previously authenticated connection via an EJB client.

collector/redhat-bugzilla
alias/CVE-2013-4128
agent/type
agent/last-modified-date
agent/first-publish-date
agent/author
agent/references
agent/severity
agent/weakness
agent/softwarecombine
agent/tags
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/redhat
canonical/jboss enterprise application platform
version/jboss enterprise application platform/6.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.