Redhat : Security Vulnerabilities, CVEs, Published In April 2010

CVE-2010-1429

Public exploit
Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
Max CVSS
5.0
EPSS Score
0.57%
Published
2010-04-28
Updated
2023-02-13

CVE-2010-1428

Known exploited
Public exploit
Used for ransomware
The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.
Max CVSS
5.0
EPSS Score
0.88%
Published
2010-04-28
Updated
2017-08-17
CISA KEV Added
2022-05-25

CVE-2010-0738

Known exploited
Public exploit
Used for ransomware
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
Max CVSS
5.0
EPSS Score
97.33%
Published
2010-04-28
Updated
2023-02-13
CISA KEV Added
2022-05-25
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close