cbcvebase.
CVE-2010-1429
published 2010-04-28

CVE-2010-1429: Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain…

PriorityP343medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
53.73%
98.9th percentile
Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.

Affected

6 ranges
VendorProductVersion rangeFixed in
redhatjboss_enterprise_application_platform<= 4.2.0
redhatjboss_enterprise_application_platform<= 4.3.0
redhatjboss_enterprise_application_platform
redhatjboss_enterprise_application_platform
redhatjboss_enterprise_application_platform
redhatjboss_enterprise_application_platform

Detection & IOCsextracted from sources · hover to see the quote

url/status?full=true
commandGET /status?full=true
path/status
  • HTTP GET request to /status?full=true returning HTTP 200 with body containing 'JVM', 'memory', and 'localhost/' indicates a vulnerable JBoss EAP status servlet exposure
  • Shodan queries 'title:"JBoss"' or 'http.title:"jboss"' can identify exposed JBoss EAP instances potentially vulnerable to this status servlet information disclosure
  • Unauthenticated access to the JBoss status servlet exposes JVM memory stats, deployed web context paths, GET parameters, and client IP addresses — monitor for unauthenticated requests to /status with full=true parameter
  • The vulnerability was re-introduced by a bug fix in JBoss EAP 4.2.0.CP06 and 4.3.0.CP04; focus detection on those specific version ranges (4.2 before CP09, 4.3 before CP08)
  • ·The Metasploit jboss_status module was tested against specific JBoss versions; coverage may not extend to all affected releases
  • ·This CVE is a regression of CVE-2008-3273; environments that previously patched CVE-2008-3273 via CP03/CP01 but then applied CP06/CP04 updates may have re-introduced the vulnerability without awareness

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.