JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)
14 September 2012
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Pearson VUE is part of Pearson, the world's largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs.
Ivan Ristic is well-known in the information security world, and his name has become almost a synonym for SSL Labs. Before that, he was mostly known for his work with OWASP and the development of ModSecurity.