Vulnerability & Exploit Database

Back to search

JBoss JMX-Console Access Vulnerability

Severity CVSS Published Added Modified
8 (AV:N/AC:L/Au:N/C:P/I:P/A:P) February 19, 2007 April 05, 2007 December 03, 2013

Available Exploits 

Description

The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

jboss-password-fix