JBoss Application Server Insecure MBean Inspector Access Vulnerability
Schweregrad:: Kritisch
CVE Kennungen:: CVE-2007-1036
Hinweisdatum: 21 Juli 2015
Beschreibung
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1005548
Trend Micro Deep Security DPI Rule Name: 1005548 - JBoss Application Server DeploymentFileRepository WAR Deployment Vulnerability
Betroffene Software und Version:
- JBoss JBoss Application Server