JBoss EAP < 4.2.0.CP03 / 4.3.0.CP01 Status Servlet Information Disclosure
Medium Nessus Network Monitor Plugin ID 4623
The remote web server contains a servlet that is affected by an information disclosure vulnerability.
The version of JBoss Enterprise Application Platform (EAP) running on the remote host allows unauthenticated access to the status servlet, which is used to monitor sessions and requests sent to the server.
Upgrade to version 4.2.0.CP03 / 4.3.0.CP01 or higher.