CVE-2010-1429

Published: Apr 28, 2010 | Modified: Apr 11, 2025
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 5 MEDIUM (AV:N/AC:L/Au:N/C:P/I:N/A:N)
RedHat/V2: 5 LOW (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about deployed web contexts via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.

Affected Software

| Name | Vendor | Start Version | End Version |
| --- | --- | --- | --- |
| Jboss_enterprise_application_platform | Redhat | * | 4.2.0 (including) |
| Jboss_enterprise_application_platform | Redhat | * | 4.3.0 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.2 (including) | 4.2 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.2.0-cp01 (including) | 4.2.0-cp01 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.2.0-cp02 (including) | 4.2.0-cp02 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.2.0-cp03 (including) | 4.2.0-cp03 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.2.0-cp04 (including) | 4.2.0-cp04 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.2.0-cp05 (including) | 4.2.0-cp05 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.2.0-cp06 (including) | 4.2.0-cp06 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.2.0-cp07 (including) | 4.2.0-cp07 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.3 (including) | 4.3 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.3.0-cp01 (including) | 4.3.0-cp01 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.3.0-cp02 (including) | 4.3.0-cp02 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.3.0-cp03 (including) | 4.3.0-cp03 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.3.0-cp04 (including) | 4.3.0-cp04 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.3.0-cp05 (including) | 4.3.0-cp05 (including) |
| Jboss_enterprise_application_platform | Redhat | 4.3.0-cp06 (including) | 4.3.0-cp06 (including) |
| JBEAP 4.2.0 for RHEL 4 | RedHat | hibernate3-1:3.2.4-1.SP1_CP10.0jpp.ep1.1.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | hibernate3-annotations-0:3.3.1-1.12.GA_CP03.ep1.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | hsqldb-1:1.8.0.8-3.patch03.1jpp.ep1.3.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jacorb-0:2.3.0-1jpp.ep1.10.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jakarta-commons-httpclient-1:3.0.1-1.patch01.1jpp.ep1.4.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jboss-aop-0:1.5.5-3.CP05.2.ep1.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jbossas-0:4.2.0-6.GA_CP09.6.ep1.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jboss-cache-0:1.4.1-6.SP14.1.ep1.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jboss-remoting-0:2.2.3-3.SP2.ep1.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jboss-seam-0:1.2.1-1.ep1.24.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jbossts-1:4.2.3-1.SP5_CP09.1jpp.ep1.1.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | jbossweb-0:2.0.0-6.CP13.0jpp.ep1.1.el4 | * |
| JBEAP 4.2.0 for RHEL 4 | RedHat | rh-eap-docs-0:4.2.0-7.GA_CP09.ep1.5.el4 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | hibernate3-1:3.2.4-1.SP1_CP10.0jpp.ep1.1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | hibernate3-annotations-0:3.3.1-1.12.GA_CP03.ep1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | jacorb-0:2.3.0-1jpp.ep1.10.1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | jboss-aop-0:1.5.5-3.CP05.2.ep1.1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | jbossas-0:4.2.0-6.GA_CP09.6.ep1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | jboss-cache-0:1.4.1-6.SP14.1.ep1.1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | jboss-remoting-0:2.2.3-3.SP2.ep1.1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | jboss-seam-0:1.2.1-1.ep1.24.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | jbossts-1:4.2.3-1.SP5_CP09.1jpp.ep1.1.1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | jbossweb-0:2.0.0-6.CP13.0jpp.ep1.1.1.el5 | * |
| JBEAP 4.2.0 for RHEL 5 | RedHat | rh-eap-docs-0:4.2.0-7.GA_CP09.ep1.4.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | hibernate3-1:3.2.4-1.SP1_CP10.0jpp.ep1.1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | hibernate3-annotations-0:3.3.1-1.12.GA_CP03.ep1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | hsqldb-1:1.8.0.8-3.patch03.1jpp.ep1.3.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jacorb-0:2.3.0-1jpp.ep1.10.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jakarta-commons-httpclient-1:3.0.1-1.patch01.1jpp.ep1.4.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jboss-aop-0:1.5.5-3.CP05.2.ep1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jbossas-0:4.3.0-7.GA_CP08.5.ep1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jboss-cache-0:1.4.1-6.SP14.1.ep1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jboss-messaging-0:1.4.0-3.SP3_CP10.2.ep1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jboss-remoting-0:2.2.3-3.SP2.ep1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.20.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jboss-seam2-0:2.0.2.FP-1.ep1.23.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jbossts-1:4.2.3-1.SP5_CP09.1jpp.ep1.1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jbossweb-0:2.0.0-6.CP13.0jpp.ep1.1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | jbossws-0:2.0.1-5.SP2_CP08.1.ep1.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4 | RedHat | rh-eap-docs-0:4.3.0-7.GA_CP08.ep1.6.el4 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | hibernate3-1:3.2.4-1.SP1_CP10.0jpp.ep1.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | hibernate3-annotations-0:3.3.1-1.12.GA_CP03.ep1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jacorb-0:2.3.0-1jpp.ep1.10.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jboss-aop-0:1.5.5-3.CP05.2.ep1.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jbossas-0:4.3.0-7.GA_CP08.5.ep1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jboss-cache-0:1.4.1-6.SP14.1.ep1.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jboss-messaging-0:1.4.0-3.SP3_CP10.2.ep1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jboss-remoting-0:2.2.3-3.SP2.ep1.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.20.el5.1 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jboss-seam2-0:2.0.2.FP-1.ep1.23.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jbossts-1:4.2.3-1.SP5_CP09.1jpp.ep1.1.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jbossweb-0:2.0.0-6.CP13.0jpp.ep1.1.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | jbossws-0:2.0.1-5.SP2_CP08.1.ep1.1.el5 | * |
| Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5 | RedHat | rh-eap-docs-0:4.3.0-7.GA_CP08.ep1.5.el5 | * |
