Summary
JBoss Enterprise Application Platform is prone to multiple vulnerabilities, including an information-disclosure issue and multiple authentication-bypass issues.
An attacker can exploit these issues to bypass certain security restrictions to obtain sensitive information or gain unauthorized access to the application.
Solution
Updates are available. Please see the references for details.
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2010-0738, CVE-2010-1428, CVE-2010-1429
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
- Check for IIS .cnf file leakage
- IBM WebSphere Application Server (WAS) XSS and CSRF Vulnerabilities
- Apache Tomcat HTTP NIO Denial Of Service Vulnerability (Windows)
- Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability