CVE Record: CVE-2008-3273

Required CVE Record Information

Description

JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string.

Product Status

Learn more

Information not provided

References 13 Total

Updated: 2024-08-07

This container includes required additional information provided by the CVE Program for this vulnerability.

References 13 Total

rhn.redhat.com: RHSA-2008:0828
external site
vendor-advisoryx_transferred
rhn.redhat.com: RHSA-2008:0826
external site
vendor-advisoryx_transferred
marc.info: HPSBMU02736
external site
vendor-advisoryx_transferred
http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp03/html-single/readme/index.html
external site
x_transferred
exchange.xforce.ibmcloud.com: jbosseap-statusservlet-info-disclosure(44235)
external site
vdb-entryx_transferred
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=457757
external site
x_transferred
http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp01/html-single/readme/
external site
x_transferred
rhn.redhat.com: RHSA-2008:0827
external site
vendor-advisoryx_transferred
marc.info: SSRT100699
external site
vendor-advisoryx_transferred
https://jira.jboss.org/jira/browse/JBPAPP-544
external site
x_transferred
rhn.redhat.com: RHSA-2008:0825
external site
vendor-advisoryx_transferred
securitytracker.com: 1020628
external site
vdb-entryx_transferred
securityfocus.com: 30540
external site
vdb-entryx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Red Hat, Inc.

Description

Product Status

References 13 Total

CVE Program

References 13 Total