[jboss-user] [Beginner's Corner] - question about JBOSS version 4.2.2

Ed Mahan do-not-reply at jboss.com
Tue Mar 27 14:30:57 EDT 2012


Ed Mahan [https://community.jboss.org/people/edman007] created the discussion

"question about JBOSS version 4.2.2"

To view the discussion, visit: https://community.jboss.org/message/726698#726698

--------------------------------------------------------------
Hello Experts, I have some questions regarding Cisco Fabric and Device manager applications

Problem description from customer: 

During an internal penetration test within the company, JBOSS components running within Cisco Fabric and Device Manager were listed as potential security vulnerabilities.  The report stated that JBOSS needed to be upgraded to version 4.3.0 CP08 or later.  At that time, they were running version 5.04 for both Fabric Manager and Device Manager.  In an attempt to upgrade the JBOSS components, Customer upgraded these applications and switch firmware to version 5.0(4b).  This did upgrade JBOSS to version 4.2.2 .

Customer would like more information if there is in fact a security vulnerability within these applications and if so how to isolate or eliminate these vulnerabilities. I am not sure what penetration test tool was used and did not receive this information.
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/726698#726698]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120327/e2374971/attachment.html 


More information about the jboss-user mailing list