Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:C763DDFFB7CB523379D9F2F7586FB6F3
HistoryJul 26, 2006 - 12:00 a.m.

CS-MARS JBoss jmx-console access

2006-07-2600:00:00
SAINT Corporation
download.saintcorporation.com
19

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.048 Low

EPSS

Percentile

91.8%

JSON

Added: 07/26/2006
CVE: CVE-2006-3733
BID: 19075
OSVDB: 27419

Background

The Cisco Security Monitoring, Analysis, and Response System (CS-MARS) recognizes and correlates network attacks.

Problem

CS-MARS includes the JBoss web application server with insufficient access control to the **jmx-console** component. This component can be used by a remote attacker to execute arbitrary commands.

Resolution

Upgrade to CS-MARS 4.2.1 or higher or apply the upgrade referenced in Cisco Security Advisory cisco-sa-20060719-mars.

References

<http://www.securityfocus.com/archive/1/440641&gt;

Platforms

cs-mars

Related

cve 2
saint 3
prion 1
cve
cve
CVE-2006-3733
2006-07-21 14:03:00
CVE-2007-1157
2007-03-02 21:18:00
saint
saint
CS-MARS JBoss jmx-console access
2006-07-26 00:00:00
CS-MARS JBoss jmx-console access
2006-07-26 00:00:00
CS-MARS JBoss jmx-console access
2006-07-26 00:00:00
prion
prion
Cross site request forgery (csrf)
2007-03-02 21:18:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.048 Low

EPSS

Percentile

91.8%

JSON
Related for SAINT:C763DDFFB7CB523379D9F2F7586FB6F3
cve2saint3prion1