← Zuruck zu CVEs
CVE-2010-1871
HIGHCISA KEV8.8
Beschreibung
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
CVE Details
CVSS v3.1 Bewertung8.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht8/5/2010
Zuletzt geandert4/22/2026
Quellekev
Honeypot-Sichtungen0
CISA KEV
HerstellerRed Hat
ProduktJBoss Seam 2
SchwachstellennameRed Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability
KEV Aufnahmedatum2021-12-10
Behebungsfrist2022-06-10
Ransomware-NutzungUnknown
Betroffene Produkte
netapp:oncommand_balancenetapp:oncommand_insightnetapp:oncommand_unified_managerredhat:enterprise_linuxredhat:jboss_enterprise_application_platform
Schwachen (CWE)
CWE-917CWE-917
Referenzen
http://www.redhat.com/support/errata/RHSA-2010-0564.html(cve@mitre.org)
http://www.securityfocus.com/bid/41994(cve@mitre.org)
http://www.securitytracker.com/id?1024253(cve@mitre.org)
http://www.vupen.com/english/advisories/2010/1929(cve@mitre.org)
https://bugzilla.redhat.com/show_bug.cgi?id=615956(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/60794(cve@mitre.org)
https://security.netapp.com/advisory/ntap-20161017-0001/(cve@mitre.org)
http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0564.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/41994(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1024253(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/1929(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=615956(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/60794(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20161017-0001/(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.