Vulnerabilities > CVE-2010-1428 - Unspecified vulnerability in Redhat Jboss Enterprise Application Platform 4.2.0/4.3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Metasploit
description | This module scans a JBoss instance for a few vulnerabilities. |
id | MSF:AUXILIARY/SCANNER/HTTP/JBOSS_VULNSCAN |
last seen | 2020-03-13 |
modified | 2019-09-12 |
published | 2010-06-21 |
references |
|
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/jboss_vulnscan.rb |
title | JBoss Vulnerability Scanner |
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0379.NASL description Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5 as JBEAP 4.3.0.CP08. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 5 serves as a replacement to JBEAP 4.3.0.CP07. These updated packages include multiple bug fixes which are detailed in the Release Notes. The Release Notes will be available shortly from the link in the References section. The following security issues are also fixed with this release : The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP last seen 2020-06-01 modified 2020-06-02 plugin id 63931 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63931 title RHEL 5 : JBoss EAP (RHSA-2010:0379) NASL family Web Servers NASL id JBOSS_EAP_JMX_CONSOLE_AUTH_BYPASS.NASL description The version of JBoss Enterprise Application Platform (EAP) running on the remote host allows unauthenticated access to certain documents under the last seen 2020-06-01 modified 2020-06-02 plugin id 46181 published 2010-04-29 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46181 title JBoss Enterprise Application Platform '/web-console' Authentication Bypass NASL family Junos Local Security Checks NASL id JUNIPER_SPACE_JSA10627.NASL description According to its self-reported version number, the remote Junos Space version is prior to 13.3R1.8. It is, therefore, affected by multiple vulnerabilities in bundled third party software components : - Multiple vulnerabilities in RedHat JBoss application server. (CVE-2010-0738, CVE-2010-1428, CVE-2010-1429, CVE-2011-5245, CVE-2012-0818) - Multiple vulnerabilities in Oracle Java SE JDK. (CVE-2012-3143, CVE-2013-1537, CVE-2013-1557, CVE-2013-2422) - Multiple vulnerabilities in Oracle MySQL server. (CVE-2013-1502, CVE-2013-1511, CVE-2013-1532, CVE-2013-1544, CVE-2013-2375, CVE-2013-2376, CVE-2013-2389, CVE-2013-2391, CVE-2013-2392, CVE-2013-3783, CVE-2013-3793, CVE-2013-3794, CVE-2013-3801, CVE-2013-3802, CVE-2013-3804, CVE-2013-3805, CVE-2013-3808, CVE-2013-3809, CVE-2013-3812, CVE-2013-3839) - Multiple vulnerabilities in Apache HTTP Server. (CVE-2013-1862, CVE-2013-1896) - Known hard-coded MySQL credentials. (CVE-2014-3413) last seen 2020-06-01 modified 2020-06-02 plugin id 80195 published 2014-12-22 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80195 title Juniper Junos Space < 13.3R1.8 Multiple Vulnerabilities (JSA10627) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0378.NASL description Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP09. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 5 serves as a replacement to JBEAP 4.2.0.CP08. These updated packages include multiple bug fixes which are detailed in the Release Notes. The Release Notes will be available shortly from the link in the References section. The following security issues are also fixed with this release : The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP last seen 2020-06-01 modified 2020-06-02 plugin id 63930 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63930 title RHEL 5 : JBoss EAP (RHSA-2010:0378) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0376.NASL description Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 4 as JBEAP 4.2.0.CP09. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 4 serves as a replacement to JBEAP 4.2.0.CP08. These updated packages include multiple bug fixes which are detailed in the Release Notes. The Release Notes will be available shortly from the link in the References section. The following security issues are also fixed with this release : The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP last seen 2020-06-01 modified 2020-06-02 plugin id 63928 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63928 title RHEL 4 : JBoss EAP (RHSA-2010:0376) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0377.NASL description Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 4 as JBEAP 4.3.0.CP08. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 4 serves as a replacement to JBEAP 4.3.0.CP07. These updated packages include multiple bug fixes which are detailed in the Release Notes. The Release Notes will be available shortly from the link in the References section. The following security issues are also fixed with this release : The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP last seen 2020-06-01 modified 2020-06-02 plugin id 63929 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63929 title RHEL 4 : JBoss EAP (RHSA-2010:0377)
Redhat
advisories |
| ||||||||||||||||
rpms |
|
Saint
bid | 39710 |
description | RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass |
id | web_dev_jbossasver |
osvdb | 64171 |
title | jboss_application_server_jmx_console_authentication_bypass |
type | remote |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 39710 CVE ID: CVE-2010-0738,CVE-2010-1428,CVE-2010-1429 JBoss企业应用平台(EAP)是J2EE应用的中间件平台。 JBoss企业应用平台中存在多个非授权访问漏洞,远程用户可以绕过认证执行非授权操作或读取敏感信息。 1) JMX控制台配置仅对使用GET和POST HTTP命令的请求指定了认证要求,远程攻击者可以创建没有指定GET或POST的HTTP请求,导致无需认证便被默认的GET处理器执行。 2) 默认阻断了对JBoss应用服务器Web控制台(/web-console)的非认证访问,但这种阻断并不彻底,仅阻断了GET和POST HTTP命令。远程攻击者可以利用这个漏洞访问敏感信息。 3) RHSA-2008:0828更新修复了未经认证用户可访问状态servlet的漏洞(CVE-2008-3273);但RHSA-2009:0349中的bug修复重新引入了这个漏洞。远程攻击者可以利用这个漏洞获得有关所部署的web上下文的详细信息。 RedHat JBoss EAP 4.3 RedHat JBoss EAP 4.2 厂商补丁: RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2010:0376-01)以及相应补丁: RHSA-2010:0376-01:Critical: JBoss Enterprise Application Platform 4.2.0.CP09 update 链接:https://www.redhat.com/support/errata/RHSA-2010-0376.html |
id | SSV:19528 |
last seen | 2017-11-19 |
modified | 2010-04-29 |
published | 2010-04-29 |
reporter | Root |
title | JBoss企业应用平台多个非授权访问漏洞 |
References
- http://marc.info/?l=bugtraq&m=132698550418872&w=2
- http://marc.info/?l=bugtraq&m=132698550418872&w=2
- http://marc.info/?l=bugtraq&m=132698550418872&w=2
- http://marc.info/?l=bugtraq&m=132698550418872&w=2
- http://secunia.com/advisories/39563
- http://secunia.com/advisories/39563
- http://securitytracker.com/id?1023917
- http://securitytracker.com/id?1023917
- http://www.securityfocus.com/bid/39710
- http://www.securityfocus.com/bid/39710
- http://www.vupen.com/english/advisories/2010/0992
- http://www.vupen.com/english/advisories/2010/0992
- https://bugzilla.redhat.com/show_bug.cgi?id=585899
- https://bugzilla.redhat.com/show_bug.cgi?id=585899
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58148
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58148
- https://rhn.redhat.com/errata/RHSA-2010-0376.html
- https://rhn.redhat.com/errata/RHSA-2010-0376.html
- https://rhn.redhat.com/errata/RHSA-2010-0377.html
- https://rhn.redhat.com/errata/RHSA-2010-0377.html
- https://rhn.redhat.com/errata/RHSA-2010-0378.html
- https://rhn.redhat.com/errata/RHSA-2010-0378.html
- https://rhn.redhat.com/errata/RHSA-2010-0379.html
- https://rhn.redhat.com/errata/RHSA-2010-0379.html