Home

CVE-2010-1428

Description

The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
65.338

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp01Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp02Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp03Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp04Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp05Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp06Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp01Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp02Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp03Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp04Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp07Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp05Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp06Windows
Vulnerabilities CVE-2010-1428,CVE-2010-1429 are affected in Red Hat JBoss Enterprise Application Platform 7 *-cp07Windows
Vulnerabilities CVE-2010-1428,CVE-2010-1429 are affected in Red Hat JBoss Enterprise Application Platform 7 *-cp08Windows
CVE-2010-1428NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234