Unrated severityNVD Advisory· Published Feb 21, 2007· Updated Jun 16, 2026
CVE-2007-1036
CVE-2007-1036
Description
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:jboss:jboss_application_server:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
9- www.kb.cert.org/vuls/id/632656nvdUS Government Resource
- osvdb.org/33744nvd
- wiki.jboss.org/wiki/Wiki.jspnvd
- wiki.jboss.org/wiki/Wiki.jspnvd
- www.securityfocus.com/archive/1/460597/100/0/threadednvd
- www.securityfocus.com/archive/1/460605/100/0/threadednvd
- www.securityfocus.com/archive/1/460695/100/0/threadednvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/32596nvd
News mentions
0No linked articles in our index yet.