Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-3878
HistoryDec 30, 2010 - 9:00 p.m.

CVE-2010-3878

2010-12-3021:00:01
CWE-352
[email protected]
web.nvd.nist.gov
27
cve-2010-3878
cross-site request forgery
csrf vulnerability
red hat
jboss eap
security vulnerability
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.4%

JSON

Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 before 4.3.0.CP09 allows remote attackers to hijack the authentication of administrators for requests that deploy WAR files.

Affected configurations

NVD
Node
redhatjboss_enterprise_application_platformMatch4.3.0
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp01
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp02
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp03
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp04
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp05
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp06
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp07
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp08

Related

cvelist 1
prion 1
nvd 1
ubuntucve 1
veracode 1
nessus 2
redhat 2
openvas 1
cvelist
cvelist
CVE-2010-3878
2010-12-30 20:00:00
prion
prion
Cross site request forgery (csrf)
2010-12-30 21:00:00
nvd
nvd
CVE-2010-3878
2010-12-30 21:00:01
ubuntucve
ubuntucve
CVE-2010-3878
2010-12-30 00:00:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2020-04-10 00:50:36
nessus
nessus
RHEL 4 : JBoss EAP (RHSA-2010:0937)
2013-01-24 00:00:00
RHEL 5 : JBoss EAP (RHSA-2010:0938)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2010:0938) Important: JBoss Enterprise Application Platform 4.3.0.CP09 update
2010-12-01 00:00:00
(RHSA-2010:0939) Important: JBoss Enterprise Application Platform 4.3.0.CP09 update
2010-12-01 18:48:05
openvas
openvas
Red Hat JBoss Enterprise Application Platform (EAP) <= 4.3.0 Multiple Vulnerabilities
2010-12-02 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.4%

JSON
Related for CVE-2010-3878
cvelist1prion1nvd1ubuntucve1veracode1nessus2redhat2openvas1