CVE-2010-0738 Ransomware

CISA description

The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.

Required action

Apply updates per vendor instructions.

Notes & references

• https://nvd.nist.gov/vuln/detail/CVE-2010-0738

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

• RA-5 · Vulnerability Monitoring and Scanning
• SI-2 · Flaw Remediation
• CM-6 · Configuration Settings
• SI-7 · Software, Firmware, and Information Integrity
• CM-8 · System Component Inventory

External lookups

• NVD · CVE-2010-0738
• CVE.org · CVE-2010-0738
• CISA KEV catalog (canonical)