NVD disclosure day

Published threat advisories for April 28, 2010

CVE-2010-1428

JBoss Web Console Information Disclosure Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A security flaw in Red Hat JBoss Enterprise Application Platform's Web Console permits remote attackers to access sensitive information. This could expose organizations to business risk through unauthorized data disclosure.

NVD published: April 28, 2010 • CISA KEV

CVE advisoryKnown Exploit

CVE-2010-0738

Red Hat JBoss EAP JMX-Console Method Bypass Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

The JBoss Enterprise Application Platform's JMX-Console web application has an access control flaw, allowing unauthorized access to its GET handler. This could expose sensitive operations or data to attackers. The U.S. CISA has identified this vulnerability as actively exploited in ransomware campaigns. Organizations s

NVD published: April 28, 2010 • CISA KEV