| VID |
210024 |
| Severity |
40 |
| Port |
8080, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The JBoss Application Server allows unauthenticated access to the JMX / Web Console. JBoss Application Server could allow a remote, unauthenticated attacker to access the JMX / Web Console servlets used to manage JBoss and its services. A remote attacker could exploit this flaw to disclose sensitive information about the affected application or even take control of it.
* References:
https://community.jboss.org/wiki/securethejmxconsole
* Platforms Affected:
JBoss Application Server Any version
Any operating system Any version |
| Recommendation |
Secure access to the JMX Console, as described in the Wiki article at https://community.jboss.org/wiki/securethejmxconsole |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
