by Ionut Cernica
I found an old JBoss console on one of the AT&T subdomains https://espcare.att.com/
There was an old version of the JBoss web application; it was vulnerable to authentication bypass, and on top of that I was able to authenticate with the default username and password.
Risk: I was able to deploy an application of my choosing on the server and execute system commands.
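For anyone who wants to triage a jmx-console they stumble on, here is a small probe script. It is an added example, not part of the original post and not something I ran against AT&T. It assumes three things the post does not spell out: that the console is served at /jmx-console/, that the authentication bypass is the classic HTTP verb tampering (the security constraint covers only GET and POST, so a HEAD request is served without a login), and that the default credentials are admin/admin. The classification logic is separated from the HTTP code so it can be checked against canned status codes.

```python
"""Triage an exposed JBoss jmx-console for the two weaknesses described above.

Added example, not from the original post. Assumptions (not stated on the page):
the console path is /jmx-console/, the bypass is HTTP verb tampering (HEAD is
not covered by the web.xml security constraint), and the default credentials
are admin/admin.
"""
import base64
import ssl
import sys
import urllib.error
import urllib.request

DEFAULT_CREDS = ("admin", "admin")  # assumed JBoss default, change if needed


def http_status(base_url, method, creds=None, timeout=10):
    """Return the HTTP status code for one probe of /jmx-console/."""
    req = urllib.request.Request(base_url.rstrip("/") + "/jmx-console/", method=method)
    if creds:
        token = base64.b64encode(f"{creds[0]}:{creds[1]}".encode()).decode()
        req.add_header("Authorization", "Basic " + token)
    ctx = ssl.create_default_context()
    try:
        with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        # 401/403/404 arrive as exceptions; the code is what we care about.
        return err.code


def assess(probe):
    """Classify the console from status codes.

    `probe(method, creds)` returns an HTTP status code. Returns a list of
    findings: "absent", "unauthenticated", "verb_bypass", "default_creds",
    "protected", or "unexpected_<code>".
    """
    findings = []
    get = probe("GET", None)
    if get == 404:
        return ["absent"]
    if get == 200:
        return ["unauthenticated"]  # no login required at all
    if get in (401, 403):
        # Verb tampering: the constraint lists GET/POST only, so HEAD is served.
        if probe("HEAD", None) == 200:
            findings.append("verb_bypass")
        # Default credentials still work even when the constraint is correct.
        if probe("GET", DEFAULT_CREDS) == 200:
            findings.append("default_creds")
        return findings or ["protected"]
    return ["unexpected_%d" % get]


def live_probe(base_url):
    """Run the assessment against a real host (needs network access)."""
    return assess(lambda method, creds: http_status(base_url, method, creds))


if __name__ == "__main__":
    print(live_probe(sys.argv[1]))
```

Run it as `python probe.py https://host` against a system you are authorised to test. A "protected" result only means the three obvious holes are closed; it says nothing about other known issues in an old JBoss release, which is why upgrading is the right answer to the first question below and changing the credentials is the right answer to the second.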
I made a responsible disclosure on 17.03.2014.
They asked me two questions:
“Our development team needs answers to the following questions:
1. Would upgrading our JBOSS version fix the issue? If yes, what version is recommended, as there could be a case where we need to check inter-compatibility between multiple pieces of software we have installed on the server.
2. Do we need to change the credentials of the jmx console?”
I tried hard not to be ironic when giving the answers.
They informed me on 17.05.2014 that they had solved the problem!