jboss 漏洞问题?
请问这个漏洞 JBoss JMX Console Unrestricted Access 什么意思?
解决方案 具体怎么操作呢 下面是解决方案
Secure or remove access to the JMX and/or Web Console using the advanced installer options.
1同行回答
JBoss JMX Console Unrestricted Access Vulnerability
Vulnerability Assessment Summary
Tries to access the JMX and Web Consoles
Detailed Explanation for this Vulnerability Assessment
Summary :
The remote web server permits unauthenticated access to an
administrative Java servlet.
Description :
The remote web server appears to be a version of JBoss that permits
unauthenticated access to the JMX and/or Web Console servlets used to
manage JBoss and its services. A remote attacker can leverage this
issue to disclose sensitive information about the affected application
or even take control of it.
See also :
http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole
Solution :
Follow the Wiki article referenced above to secure access to the JMX /
Web Console.
Network Security Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Networks Security ID:
Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security
收起