CVE-2010-0738: Red Hat JBoss Authentication Bypass Vulnerability. The
Red Hat JBoss Authentication Bypass Vulnerability. The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
- CISA KEV-listed (remediation due 2022-06-15)
- used in ransomware campaigns
- EPSS 92.4% (99.7% percentile)