JBoss Application Server Insecure MBean Inspector Access Vulnerability

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

CVE識別番号: CVE-2007-1036

概要

The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1005548

Trend Micro Deep Security DPI Rule Name: 1005548 - JBoss Application Server DeploymentFileRepository WAR Deployment Vulnerability

影響を受けるソフトウェア

JBoss JBoss Application Server