The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
Metrics
Affected Vendors & Products
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T12:43:22.417Z
Reserved: 2007-02-20T00:00:00
Link: CVE-2007-1036

No data.

Status : Deferred
Published: 2007-02-21T11:28:00.000
Modified: 2025-04-09T00:30:58.490
Link: CVE-2007-1036

No data.

No data.