CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1429

Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.196

EPSS Ranking 95.2%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2010-1429

Redhat » Jboss Enterprise Application Platform » Version: Any

cpe:2.3:a:redhat:jboss_enterprise_application_platform:*
Redhat » Jboss Enterprise Application Platform » Version: 4.2

cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2
Redhat » Jboss Enterprise Application Platform » Version: 4.2.0

cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.2.0
Redhat » Jboss Enterprise Application Platform » Version: 4.3

cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3
Redhat » Jboss Enterprise Application Platform » Version: 4.3.0

cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1429

Products

Pricing

Contact Us