Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jboss | Jboss | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/33142
- http://www.securityfocus.com/archive/1/460934/100/0/threaded
- http://www.securityfocus.com/archive/1/461004/100/0/threaded (Vendor Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32673
FAQ
What is CVE-2007-1157?
CVE-2007-1157 is a vulnerability with a CVSS score of 7.6 (HIGH). Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privileged actions as administrators via certain MBean operations, a different vu...
How severe is CVE-2007-1157?
CVE-2007-1157 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-1157?
Check the references section above for vendor advisories and patch information. Affected products include: Jboss Jboss.