Lucene search
Redhat.comRH:CVE-2007-1036HistoryOct 30, 2015 - 9:24 a.m.
CVE-2007-1036
2015-10-3009:24:46
redhat.com
access.redhat.com
3
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.966 High
EPSS
Percentile
99.6%
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
Related
packetstorm
packetstorm
JBoss DeploymentFileRepository WAR Deployment
2012-09-05 00:00:00
nvd
nvd
CVE-2007-1036
2007-02-21 11:28:00
CVE-2013-4810
2013-09-16 13:01:46
prion
prion
Authentication flaw
2007-02-21 11:28:00
Design/Logic Flaw
2013-09-16 13:01:00
cve
cve
CVE-2007-1036
2007-02-21 11:28:00
CVE-2013-4810
2013-09-16 13:01:46
openvas
openvas
cvelist
cvelist
CVE-2007-1036
2007-02-21 11:00:00
CVE-2013-4810
2013-09-13 18:00:00
cert
cert
nessus
nessus
hackerone
hackerone
securityvulns
securityvulns
JBoss insecure defaults
2007-02-23 00:00:00
attackerkb
attackerkb
CVE-2013-4810
2013-09-16 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.966 High
EPSS
Percentile
99.6%
Related for RH:CVE-2007-1036