CVE-2008-3273

JBoss Enterprise Application Platform before 4.2.0.CP03 and 4.3.0 before 4.3.0.CP01 - Information Disclosure via Status Servlet


Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-3273. PoCs published by Tyler Krpata, Zach Grace <@ztgrace>, including Metasploit module auxiliary/scanner/http/jboss_vulnscan.

AI-analyzed exploit summary: The jboss_vulnscan Metasploit module scans JBoss instances for multiple vulnerabilities, including CVE-2008-3273, by checking for unauthenticated access to sensitive endpoints and for default credentials. It does not exploit the vulnerabilities; it only detects their presence.

Description

JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string.

Exploits (2)

Metasploit scanner module (Ruby PoC) by Tyler Krpata, Zach Grace <@ztgrace>
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/jboss_vulnscan.rb


Classification
Scanner 100%
Attack Type
Info Leak | Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: JBoss Application Server
No auth needed
Prerequisites: Network access to the JBoss instance
devstral-2 · analyzed Jun 05, 2026
Metasploit scanner module (Ruby PoC)
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/jboss_status.rb

This Metasploit auxiliary module (jboss_status) queries the JBoss status servlet to collect sensitive information such as URL paths, GET parameters, and client IP addresses. It is designed for information gathering only and contains no offensive techniques such as reverse shells or command injection.

Classification
Scanner 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: JBoss Application Server (tested on 4.0, 4.2.2, 4.2.3)
No auth needed
Prerequisites: Access to the JBoss status servlet endpoint
devstral-2 · analyzed Feb 16, 2026

References (12)

Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2008-0828.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2008-0826.html
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=132698550418872&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44235
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2008-0827.html
Various Sources x_refsource_confirm
https://jira.jboss.org/jira/browse/JBPAPP-544
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2008-0825.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020628
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30540

Scores

EPSS 0.4711
EPSS Percentile 98.7%

Details

CWE
CWE-264
Status published
Products (3)
jboss/enterprise_application_platform 4.2.0.cp01
jboss/enterprise_application_platform 4.2.0.cp02
jboss/enterprise_application_platform < 4.2.0.cp03
Published Aug 10, 2008
Tracked Since Feb 18, 2026