Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Enterprise Application Platform

Jboss EAP

The JBoss Enterprise Application Platform is a subscription-based/open-source Java EE-based application server runtime platform used for building deploying and hosting highly-transactional Java applications and services developed and maintained by Red Hat

Official Site:

https://www.redhat.com/en/technologies/jboss-middleware/application-platform

Severity Summary:

Critical: 36 High: 79 Medium: 103 Low: 16
Reference
Title
Severity
CVE-2017-12196
Jboss EAP Incorrect Authorization Vulnerability
Medium
CVE-2016-9585
Jboss EAP Deserialization of Untrusted Data Vulnerability
Medium
CVE-2016-6311
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-7046
Jboss EAP Resource Management Errors Vulnerability
Medium
CVE-2020-25689
Jboss EAP Uncontrolled Resource Consumption Vulnerability
Medium
CVE-2013-6495
Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-7853
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2015-5178
Jboss EAP 7PK - Security Features Vulnerability
Medium
CVE-2014-3472
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-1154
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-3370
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-3369
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-0874
Jboss EAP Improper Authentication Vulnerability
Medium
CVE-2011-4575
Jboss EAP Improper Input Validation Vulnerability
Medium
CVE-2012-4550
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-1167
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2011-4314
Jboss EAP Improper Input Validation Vulnerability
Medium
CVE-2012-5478
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2011-2196
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2011-1484
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2010-3878
Jboss EAP Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2010-1871
Jboss EAP Improper Input Validation Vulnerability
Medium
CVE-2010-1429
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2010-1428
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2010-0738
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2014-3464
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-5575
Jboss EAP Cryptographic Issues Vulnerability
Medium
CVE-2011-1483
Jboss EAP Vulnerability
Medium
CVE-2014-0093
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2014-3518
Jboss EAP Improper Control of Generation of Code (Code Injection) Vulnerability
Medium