RedHat JBoss WildFly Application Server Information Disclosure Vulnerability (CVE-2016-0793)

2016年5月31日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

概要

Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows allows remote attackers to read the sensitive files in the WEB-INF directory via a request that contains (a) lowercase or (b) "meaningless" characters.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1007606