jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) prior to 4.2.1, allows remote malicious users to gain privileges as the CS-MARS administrator and execute arbitrary Java code via an invokeOp action in the BSHDeployer jboss.scripts service name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco security monitoring analysis and response system 4.2.0 |