Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

JBoss EAP < 4.2.0.CP03 / 4.3.0.CP01 Status Servlet Information Disclosure



The remote web server contains a servlet that is affected by an information disclosure vulnerability.


The version of JBoss Enterprise Application Platform (EAP) running on the remote host allows unauthenticated access to the status servlet, which is used to monitor sessions and requests sent to the server.


Upgrade to version 4.2.0.CP03 / 4.3.0.CP01 or higher.