Medium severity5.3CISA KEVNVD Advisory· Published Apr 28, 2010· Updated Apr 22, 2026
CVE-2010-0738
CVE-2010-0738
Description
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
Affected products
2cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:-:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:-:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:-:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- marc.infonvdExploitMailing List
- public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspxnvdThird Party Advisory
- secunia.com/advisories/39563nvdBroken LinkVendor Advisory
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/39710nvdBroken LinkThird Party AdvisoryVDB Entry
- www.vupen.com/english/advisories/2010/0992nvdBroken LinkVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/58147nvdThird Party AdvisoryVDB Entry
- rhn.redhat.com/errata/RHSA-2010-0379.htmlnvdVendor Advisory
- securityreason.com/securityalert/8408nvdBroken Link
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- rhn.redhat.com/errata/RHSA-2010-0376.htmlnvdBroken Link
- rhn.redhat.com/errata/RHSA-2010-0377.htmlnvdBroken Link
- rhn.redhat.com/errata/RHSA-2010-0378.htmlnvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.