Lucene search

K

RedhatCVELIST:CVE-2010-1428

HistoryApr 28, 2010 - 10:00 p.m.

CVE-2010-1428

2010-04-2822:00:00

redhat

www.cve.org

9.1 High

AI Score

Confidence

High

0.088 Low

EPSS

Percentile

94.6%

The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.

References

marc.info/?l=bugtraq&m=132698550418872&w=2

secunia.com/advisories/39563

securitytracker.com/id?1023917

www.securityfocus.com/bid/39710

www.vupen.com/english/advisories/2010/0992

bugzilla.redhat.com/show_bug.cgi?id=585899

exchange.xforce.ibmcloud.com/vulnerabilities/58148

rhn.redhat.com/errata/RHSA-2010-0376.html

rhn.redhat.com/errata/RHSA-2010-0377.html

rhn.redhat.com/errata/RHSA-2010-0378.html

rhn.redhat.com/errata/RHSA-2010-0379.html

9.1 High

AI Score

Confidence

High

0.088 Low

EPSS

Percentile

94.6%

Related for CVELIST:CVE-2010-1428

nvd1 veracode1 attackerkb1 cisa_kev1 prion1 cve1 nessus7 openvas1 securityvulns4 redhat1 seebug1 kitploit1