PT-2010-1182 · Red Hat · Red Hat JBoss Enterprise Application Platform
Giorgio Fedon +1 · Published 2010-04-28 · Updated 2025-04-03 · CVE-2010-0738
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Red Hat JBoss Enterprise Application Platform versions 4.2 through 4.2.0.CP08 and versions 4.3 through 4.3.0.CP07
Description
The issue is caused by insufficient access control in the JMX-Console web application. Remote attackers can send requests to the application's handler using a different HTTP method, potentially disclosing protected information.
Recommendations
For versions 4.2 through 4.2.0.CP08, update to version 4.2.0.CP09 or later.
For versions 4.3 through 4.3.0.CP07, update to version 4.3.0.CP08 or later.
As a temporary workaround, consider restricting access to the JMX-Console web application until a patch is applied.
Affected products
Red Hat JBoss Enterprise Application Platform