CVE-2010-3878

Impact: Moderate
Public Date: 2010-06-15
CWE: CWE-352
Bugzilla: 604617: CVE-2010-3878 JBoss EAP jmx console FileDeployment CSRF

The MITRE CVE dictionary describes this issue as:

Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 before 4.3.0.CP09 allows remote attackers to hijack the authentication of administrators for requests that deploy WAR files.

Find out more about CVE-2010-3878 from the MITRE CVE dictionary and NIST NVD.

CVSS v2 metrics

Base Score: 4
Base Metrics: AV:N/AC:L/Au:S/C:N/I:P/A:N
Access Vector: Network
Access Complexity: Low
Authentication: Single
Confidentiality Impact: None
Integrity Impact: Partial
Availability Impact: None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform | Errata | Release Date
Red Hat JBoss Enterprise Application Platform 4.3 | RHSA-2010:0939 | 2010-12-01
Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server | RHSA-2010:0938 | 2010-12-01
Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS | RHSA-2010:0937 | 2010-12-01

CVE description copyright © 2017, The MITRE Corporation