Lucene search
Ubuntu.comUB:CVE-2010-3878HistoryDec 30, 2010 - 12:00 a.m.
CVE-2010-3878
2010-12-3000:00:00
ubuntu.com
ubuntu.com
9
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
56.3%
Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red
Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3
before 4.3.0.CP09 allows remote attackers to hijack the authentication of
administrators for requests that deploy WAR files.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=604617>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581226>
Notes
| Author | Note |
|---|---|
| mdeslaur | debian says not affected, need to check. |
Related
cvelist
cvelist
CVE-2010-3878
2010-12-30 20:00:00
cve
cve
CVE-2010-3878
2010-12-30 21:00:01
prion
prion
Cross site request forgery (csrf)
2010-12-30 21:00:00
nvd
nvd
CVE-2010-3878
2010-12-30 21:00:01
veracode
veracode
Cross-site Request Forgery (CSRF)
2020-04-10 00:50:36
nessus
nessus
RHEL 4 : JBoss EAP (RHSA-2010:0937)
2013-01-24 00:00:00
RHEL 5 : JBoss EAP (RHSA-2010:0938)
2013-01-24 00:00:00
redhat
redhat
openvas
openvas
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
56.3%
Related for UB:CVE-2010-3878