Does CVE-2013-4810 affect Red Hat JBoss products?

Solution Verified - Updated -

Issue

70414 - Apache Tomcat / JBoss EJBInvokerServlet / JMXInvokerServlet Marshalled Object Remote
  • Does CVE-2013-4810 affect Red Hat JBoss products?
  • Does Red Hat JBoss EJBInvokerServlet is Accessible to Unauthenticated Remote Users which is reported as CVE-2012-0874 affect EAP 6?
  • The is a question regarding a vulnerability, JBoss EJBInvokerServlet / JMXInvokerServlet Marshalled Object Remote Code Execution, The EBJInvokerServlet' and 'JMXInvokerServlet' servlets hosted on the web server can be used to deploy arbitrary web application archive (WAR) files to the remote host? Is there a patch or a fix for the same?

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 4.x
    • 5.x
    • 6.x
  • Red Hat JBoss Portal
    • 4.x
    • 5.x
    • 6.x
  • Red Hat JBoss Enterprise SOA Platform (SOA-P)
    • 4.x
    • 5.x
  • Red Hat JBoss Enterprise BRMS Platform (BRMS)
    • 5.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content