JBoss Application Server Insecure MBean Inspector Access Vulnerability
Schweregrad: : Crítico
Identificador(es) CVE: : CVE-2007-1036
Data do informe: 21 julho 2015
Descrição
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1005548
Trend Micro Deep Security DPI Rule Name: 1005548 - JBoss Application Server DeploymentFileRepository WAR Deployment Vulnerability
Software infectado e versão:
- JBoss JBoss Application Server