CyberSec.Space Logo
返回 CVE 浏览器

CVE-2010-0738

Known Exploited (CISA KEV)MEDIUM
5.3
CVSS Severity Score
EPSS Score81.2190%
EPSS Percentile98.39th
Published2010年4月28日
Last Modified2026年4月22日

Vulnerability Description

The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.

Affected Platforms (CPE)

📦
Redhat

Jboss Enterprise Application Platform

= 4.2.0
📦
Redhat

Jboss Enterprise Application Platform

= 4.3.0

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=132129312609324&w=2
🔗 http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=35
🔗 http://secunia.com/advisories/39563
🔗 http://securityreason.com/securityalert/8408
🔗 http://securitytracker.com/id?1023918
🔗 http://www.securityfocus.com/bid/39710
🔗 http://www.vupen.com/english/advisories/2010/0992
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=574105

相关漏洞威胁

CVE-2015-75019.8

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterp...

CVE-2017-121499.8

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in ...

CVE-2014-54019.8

Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that ...

CVE-2010-18718.8

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize i...