CVE-2010-1428
Red Hat JBoss Information Disclosure Vulnerability
CVSS
—
Sin CVSS
EPSS
62.3%
p99
KEV
SÍ
25 may 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
62.3%EPSS · 30 días62.3%
2026-06-302026-07-16
Producto
Red Hat / JBoss
Vulnerabilidad
Red Hat JBoss Information Disclosure Vulnerability
Añadido a KEV
25 may 2022
Remediar antes de
15 jun 2022
Uso conocido en ransomware
Sí
Descripción resumida
Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2010-1428
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2010-0738—99.6%
KEV—80Red Hat JBoss Authentication Bypass Vulnerability—