Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-3519
HistorySep 23, 2008 - 3:24 p.m.

CVE-2008-3519

2008-09-2315:24:00
CWE-16
[email protected]
web.nvd.nist.gov
32
jbosseap
red hat
jbossas
cve-2008-3519
information security
vulnerability

5.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.9%

JSON

The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote attackers to obtain sensitive information (non-EJB classes) via a download request, a different vulnerability than CVE-2008-3273.

Related

prion 3
seebug 3
veracode 3
nessus 13
redhat 3
ubuntucve 1
cve 2
nuclei 1
openvas 1
securityvulns 2
prion
prion
Default configuration
2008-09-23 15:24:00
Input validation
2008-08-10 20:41:00
Design/Logic Flaw
2010-04-28 22:30:00
seebug
seebug
JBoss Enterprise Application Platform类文件信息泄漏漏洞
2008-09-24 00:00:00
JBoss Enterprise Application Platform信息泄漏漏洞
2008-08-06 00:00:00
JBoss企业应用平台多个非授权访问漏洞
2010-04-29 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:26:23
Information Disclosure
2020-04-10 00:26:36
Information Disclosure
2020-04-10 00:42:54
nessus
nessus
RHEL 5 : JBoss EAP (RHSA-2008:0832)
2013-01-24 00:00:00
RHEL 5 : JBoss EAP (RHSA-2008:0834)
2013-01-24 00:00:00
RHEL 4 : JBoss EAP (RHSA-2008:0833)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2008:0832) Low: JBoss Enterprise Application Platform 4.3.0CP02 security update
2008-09-22 00:00:00
(RHSA-2008:0828) Moderate: JBoss Enterprise Application Platform 4.3.0CP01 security update
2008-08-05 00:00:00
(RHSA-2010:0379) Critical: JBoss Enterprise Application Platform 4.3.0.CP08 update
2010-04-27 00:00:00
ubuntucve
ubuntucve
CVE-2008-3273
2008-08-10 00:00:00
cve
cve
CVE-2008-3273
2008-08-10 20:41:00
CVE-2010-1429
2010-04-28 22:30:00
nuclei
nuclei
Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure
2023-01-18 06:55:26
openvas
openvas
Red Hat JBoss Products Multiple Vulnerabilities (status page) - Active Check
2011-09-16 00:00:00
securityvulns
securityvulns
Business Availability Center / Business Service Management information leakage
2012-01-21 00:00:00
[security bulletin] HPSBMU02736 SSRT100699 rev.1 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information
2012-01-21 00:00:00

5.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.9%

JSON
Related for CVE-2008-3519
prion3seebug3veracode3nessus13redhat3ubuntucve1cve2nuclei1openvas1securityvulns2