CVE-2010-0738 — Actively Exploited: JBoss (Red Hat)
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
| CVE ID | CVE-2010-0738 |
|---|---|
| Vendor | Red Hat |
| Product | JBoss |
| Vulnerability name | Red Hat JBoss Authentication Bypass Vulnerability |
| Date added | 2022-05-25 |
| Remediation due | 2022-06-15 |
| Known ransomware use | Known |
| Required action | Apply updates per vendor instructions. |
| Description | The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →