Gravità: : Critico
  Identificatori CVE: CVE-2007-1036
  Data notifica: 21 luglio 2015

  Descrizione

The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.

  Informazioni esposizione:

Apply associated Trend Micro DPI Rules.

  Soluzioni

  Trend Micro Deep Security DPI Rule Number: 1005548
  Trend Micro Deep Security DPI Rule Name: 1005548 - JBoss Application Server DeploymentFileRepository WAR Deployment Vulnerability

  Software e versione interessati:

  • JBoss JBoss Application Server