The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote malicious users to bypass authentication and gain administrative access via direct requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jboss jboss application server |