2 matches found
Red Hat JBoss Application Server (AS) Console and Web Management Misconfiguration Vulnerability - Active Check
The default configuration of Red Hat JBoss Application Server AS does not restrict access to the console and web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests. SPDX-FileCopyrightText: 2019 Greenbone AG Some text...
Authentication flaw
ToutVirtual VirtualIQ Pro before 3.5 build 8691 does not require administrative authentication for JBoss console access, which allows remote attackers to execute arbitrary commands via requests to 1 the JMX Management Console or 2 the Web Console...