CVE - CVE-2016-2141

CVE-ID
CVE-2016-2141	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
JGroups before 4.0 does not require the proper headers for the ENCRYPT and AUTH protocols from nodes joining the cluster, which allows remote attackers to bypass security restrictions and send and receive messages within the cluster via unspecified vectors.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://issues.jboss.org/browse/JGRP-2021 REDHAT:RHSA-2016:1328 URL:https://rhn.redhat.com/errata/RHSA-2016-1328.html REDHAT:RHSA-2016:1329 URL:https://rhn.redhat.com/errata/RHSA-2016-1329.html REDHAT:RHSA-2016:1330 URL:https://rhn.redhat.com/errata/RHSA-2016-1330.html REDHAT:RHSA-2016:1331 URL:https://rhn.redhat.com/errata/RHSA-2016-1331.html REDHAT:RHSA-2016:1332 URL:https://rhn.redhat.com/errata/RHSA-2016-1332.html REDHAT:RHSA-2016:1333 URL:https://rhn.redhat.com/errata/RHSA-2016-1333.html REDHAT:RHSA-2016:1334 URL:https://rhn.redhat.com/errata/RHSA-2016-1334.html REDHAT:RHSA-2016:1345 URL:https://access.redhat.com/errata/RHSA-2016:1345 REDHAT:RHSA-2016:1346 URL:https://access.redhat.com/errata/RHSA-2016:1346 REDHAT:RHSA-2016:1347 URL:https://access.redhat.com/errata/RHSA-2016:1347 REDHAT:RHSA-2016:1374 URL:https://access.redhat.com/errata/RHSA-2016:1374 REDHAT:RHSA-2016:1389 URL:https://access.redhat.com/errata/RHSA-2016:1389 REDHAT:RHSA-2016:1433 URL:https://access.redhat.com/errata/RHSA-2016:1433 REDHAT:RHSA-2016:1434 URL:https://access.redhat.com/errata/RHSA-2016:1434 REDHAT:RHSA-2016:1435 URL:http://rhn.redhat.com/errata/RHSA-2016-1435.html REDHAT:RHSA-2016:1432 URL:https://access.redhat.com/errata/RHSA-2016:1432 REDHAT:RHSA-2016:1439 URL:http://rhn.redhat.com/errata/RHSA-2016-1439.html REDHAT:RHSA-2016:1376 URL:https://access.redhat.com/errata/RHSA-2016:1376 REDHAT:RHSA-2016:2035 URL:http://rhn.redhat.com/errata/RHSA-2016-2035.html BID:91481 URL:http://www.securityfocus.com/bid/91481 SECTRACK:1036165 URL:http://www.securitytracker.com/id/1036165
Assigning CNA
Red Hat, Inc.
Date Entry Created
20160129	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20160129)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org