Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jboss_enterprise_application_platform | Redhat | 6.1.0 (including) | 6.1.0 (including) |