Home

CVE-2010-1429

Description

Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about deployed web contexts via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.

Risk Information

Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
27.359

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp01Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp02Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp03Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp04Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp05Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp06Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp01Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp02Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp03Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp04Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.2.0-cp07Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp05Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 4.3.0-cp06Windows
Vulnerabilities CVE-2010-1428,CVE-2010-1429 are affected in Red Hat JBoss Enterprise Application Platform 7 *-cp07Windows
Vulnerabilities CVE-2010-1428,CVE-2010-1429 are affected in Red Hat JBoss Enterprise Application Platform 7 *-cp08Windows
CVE-2010-1429NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234