Unrated severityNVD Advisory· Published Apr 28, 2010· Updated Jun 16, 2026
CVE-2010-1429
CVE-2010-1429
Description
Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp01:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp02:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp03:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp04:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp05:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp06:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0:cp07:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp01:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp02:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp03:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp04:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp05:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp06:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp07:*:*:*:*:*:*range: <=4.3.0
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp08:*:*:*:*:*:*range: <=4.2.0
- (no CPE)range: 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08
Patches
Vulnerability mechanics
References
12- secunia.com/advisories/39563nvdVendor Advisory
- www.vupen.com/english/advisories/2010/0992nvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2010-0376.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2010-0377.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2010-0378.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2010-0379.htmlnvdVendor Advisory
- marc.infonvd
- securitytracker.com/idnvd
- www.securityfocus.com/bid/39710nvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/58149nvd
- www.exploit-db.com/exploits/44009/nvd
News mentions
0No linked articles in our index yet.