Versio.io

CVE-2010-0738

Common vulnerabilities & exposures (CVE)

Published at: 26-04-2010 02:00
Last modified: 26-04-2010 02:00
Total changes: 8

Description

CVE-2010-0738 JBoss EAP jmx authentication bypass with crafted HTTP request

Common Vulnerability Scoring System (CVSS)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Attack complexity: Low
Attack vector: Network
Availability: Low
Confidentiality: Low
Integrity: Low
Privileges required: -
Scope: -
User interaction: -
Base score: 7.5
Exploitability score
Impact score
 

Verification logic

OR
AND
product=hibernate3-1 AND versionEndExcluding=3.2.4-1.SP1_CP10.0jpp.ep1.1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=hibernate3-annotations-0 AND versionEndExcluding=3.3.1-1.12.GA_CP03.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=hsqldb-1 AND versionEndExcluding=1.8.0.8-3.patch03.1jpp.ep1.3.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jacorb-0 AND versionEndExcluding=2.3.0-1jpp.ep1.10.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jakarta-commons-httpclient-1 AND versionEndExcluding=3.0.1-1.patch01.1jpp.ep1.4.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jboss-aop-0 AND versionEndExcluding=1.5.5-3.CP05.2.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jbossas-0 AND versionEndExcluding=4.2.0-6.GA_CP09.6.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jboss-cache-0 AND versionEndExcluding=1.4.1-6.SP14.1.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jboss-remoting-0 AND versionEndExcluding=2.2.3-3.SP2.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jboss-seam-0 AND versionEndExcluding=1.2.1-1.ep1.24.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jbossts-1 AND versionEndExcluding=4.2.3-1.SP5_CP09.1jpp.ep1.1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jbossweb-0 AND versionEndExcluding=2.0.0-6.CP13.0jpp.ep1.1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=rh-eap-docs-0 AND versionEndExcluding=4.2.0-7.GA_CP09.ep1.5.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=hibernate3-1 AND versionEndExcluding=3.2.4-1.SP1_CP10.0jpp.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=hibernate3-annotations-0 AND versionEndExcluding=3.3.1-1.12.GA_CP03.ep1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jacorb-0 AND versionEndExcluding=2.3.0-1jpp.ep1.10.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jboss-aop-0 AND versionEndExcluding=1.5.5-3.CP05.2.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jbossas-0 AND versionEndExcluding=4.2.0-6.GA_CP09.6.ep1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jboss-cache-0 AND versionEndExcluding=1.4.1-6.SP14.1.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jboss-remoting-0 AND versionEndExcluding=2.2.3-3.SP2.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jboss-seam-0 AND versionEndExcluding=1.2.1-1.ep1.24.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jbossts-1 AND versionEndExcluding=4.2.3-1.SP5_CP09.1jpp.ep1.1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=jbossweb-0 AND versionEndExcluding=2.0.0-6.CP13.0jpp.ep1.1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=rh-eap-docs-0 AND versionEndExcluding=4.2.0-7.GA_CP09.ep1.4.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.2.0
AND
product=hibernate3-1 AND versionEndExcluding=3.2.4-1.SP1_CP10.0jpp.ep1.1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=hibernate3-annotations-0 AND versionEndExcluding=3.3.1-1.12.GA_CP03.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=hsqldb-1 AND versionEndExcluding=1.8.0.8-3.patch03.1jpp.ep1.3.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jacorb-0 AND versionEndExcluding=2.3.0-1jpp.ep1.10.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jakarta-commons-httpclient-1 AND versionEndExcluding=3.0.1-1.patch01.1jpp.ep1.4.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-aop-0 AND versionEndExcluding=1.5.5-3.CP05.2.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jbossas-0 AND versionEndExcluding=4.3.0-7.GA_CP08.5.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-cache-0 AND versionEndExcluding=1.4.1-6.SP14.1.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-messaging-0 AND versionEndExcluding=1.4.0-3.SP3_CP10.2.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-remoting-0 AND versionEndExcluding=2.2.3-3.SP2.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-seam-0 AND versionEndExcluding=1.2.1-3.JBPAPP_4_3_0_GA.ep1.20.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-seam2-0 AND versionEndExcluding=2.0.2.FP-1.ep1.23.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jbossts-1 AND versionEndExcluding=4.2.3-1.SP5_CP09.1jpp.ep1.1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jbossweb-0 AND versionEndExcluding=2.0.0-6.CP13.0jpp.ep1.1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jbossws-0 AND versionEndExcluding=2.0.1-5.SP2_CP08.1.ep1.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=rh-eap-docs-0 AND versionEndExcluding=4.3.0-7.GA_CP08.ep1.6.el4
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=hibernate3-1 AND versionEndExcluding=3.2.4-1.SP1_CP10.0jpp.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=hibernate3-annotations-0 AND versionEndExcluding=3.3.1-1.12.GA_CP03.ep1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jacorb-0 AND versionEndExcluding=2.3.0-1jpp.ep1.10.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-aop-0 AND versionEndExcluding=1.5.5-3.CP05.2.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jbossas-0 AND versionEndExcluding=4.3.0-7.GA_CP08.5.ep1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-cache-0 AND versionEndExcluding=1.4.1-6.SP14.1.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-messaging-0 AND versionEndExcluding=1.4.0-3.SP3_CP10.2.ep1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-remoting-0 AND versionEndExcluding=2.2.3-3.SP2.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-seam-0 AND versionEndExcluding=1.2.1-3.JBPAPP_4_3_0_GA.ep1.20.el5.1
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jboss-seam2-0 AND versionEndExcluding=2.0.2.FP-1.ep1.23.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jbossts-1 AND versionEndExcluding=4.2.3-1.SP5_CP09.1jpp.ep1.1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jbossweb-0 AND versionEndExcluding=2.0.0-6.CP13.0jpp.ep1.1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=jbossws-0 AND versionEndExcluding=2.0.1-5.SP2_CP08.1.ep1.1.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
AND
product=rh-eap-docs-0 AND versionEndExcluding=4.3.0-7.GA_CP08.ep1.5.el5
vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=4.3.0
 
