JBoss Enterprise Application Platform '/web-console' Authentication Bypass
Medium Nessus Plugin ID 46181
Synopsis
The remote web server is configured insecurely, leaving it vulnerable to security bypass attacks.
Description
The version of JBoss Enterprise Application Platform (EAP) running on the remote host allows unauthenticated access to certain documents under the '/web-console' directory. This is due to a misconfiguration in 'web.xml' that only requires authentication for GET and POST requests. Specifying a different HTTP method such as HEAD, DELETE or PUT causes the default GET handler to be used without authentication.
A remote attacker can exploit this to obtain sensitive information without providing authentication.
This version of JBoss EAP likely has other vulnerabilities, though Nessus has not checked for those issues.
Solution
Upgrade to JBoss EAP version 4.2.0.CP09 / 4.3.0.CP08 or later.
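Added example, not part of the Nessus plugin or of JBoss EAP's own files: a small audit that parses a web.xml and flags role-protected security-constraints whose resource collection enumerates HTTP methods, the pattern described above. The two embedded web.xml fragments are constructed; the "fixed" one assumes the usual remedy of dropping the <http-method> elements so the constraint applies to every verb, and the role name "admin" is a placeholder.

```python
import xml.etree.ElementTree as ET

# Constructed web.xml fragment (not JBoss EAP's own) showing the weak pattern:
# authentication is demanded only for the listed verbs, so any other verb reaches
# the default handler unauthenticated.
WEAK_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>console</web-resource-name>
      <url-pattern>/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>admin</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

# Corrected form (constructed): no <http-method> elements, so every verb is covered.
FIXED_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>console</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>admin</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

def local(tag):
    """Strip the XML namespace so tags compare by local name."""
    return tag.rsplit("}", 1)[-1]

def audit_constraints(web_xml):
    """Return (url_patterns, http_methods) for each role-protected
    security-constraint whose resource collection enumerates verbs."""
    findings = []
    for sc in ET.fromstring(web_xml).iter():
        if local(sc.tag) != "security-constraint":
            continue
        # A constraint with no <auth-constraint> grants access anyway; skip it.
        if not any(local(c.tag) == "auth-constraint" for c in sc):
            continue
        for wrc in (c for c in sc if local(c.tag) == "web-resource-collection"):
            methods = tuple(m.text.strip().upper() for m in wrc
                            if local(m.tag) == "http-method" and m.text)
            patterns = tuple(p.text.strip() for p in wrc
                             if local(p.tag) == "url-pattern" and p.text)
            if methods:
                findings.append((patterns, methods))
    return findings
```

Any finding means verbs outside the listed set bypass the constraint; an empty result for the corrected fragment shows the constraint now applies regardless of method.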