CVE-2010-1428CISA KEV: Actively Exploited

Red Hat JBoss Information Disclosure Vulnerability

Published May 25, 2022·Updated May 25, 2022

Description

Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free