{"api_version":"1","generated_at":"2026-04-25T18:18:37+00:00","cve":"CVE-2010-1871","urls":{"html":"https://cve.report/CVE-2010-1871","api":"https://cve.report/api/cve/CVE-2010-1871.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2010-1871","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2010-1871"},"summary":{"title":"CVE-2010-1871","description":"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.","state":"PUBLISHED","assigner":"mitre","published_at":"2010-08-05 13:23:09","updated_at":"2026-04-22 14:14:18"},"problem_types":["CWE-917","n/a","CWE-917 CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.8","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html","name":"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.securitytracker.com/id?1024253","name":"http://www.securitytracker.com/id?1024253","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"],"title":"SecurityTracker.com Archives - JBoss Seam Input Validation Flaw in Processing JBoss Expression Language Expressions Lets Remote Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/41994","name":"http://www.securityfocus.com/bid/41994","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"],"title":"JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871","name":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2010/1929","name":"http://www.vupen.com/english/advisories/2010/1929","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=615956","name":"https://bugzilla.redhat.com/show_bug.cgi?id=615956","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"],"title":"Bug 615956 – CVE-2010-1871 JBoss Seam / Seam2: Improper sanitization of parametrized JBoss EL expressions (ACE)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2010-0564.html","name":"http://www.redhat.com/support/errata/RHSA-2010-0564.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20161017-0001/","name":"https://security.netapp.com/advisory/ntap-20161017-0001/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"CVE-2010-1871 JBoss Seam Vulnerability in Multiple NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2010-1871","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1871","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[{"source":"ADP","time":"2021-12-10T00:00:00.000Z","lang":"en","value":"CVE-2010-1871 added to CISA KEV"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2010","cve_id":"1871","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"oncommand_balance","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"1871","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"oncommand_insight","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"1871","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"oncommand_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"clustered_data_ontap","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"1871","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"1871","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"1871","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"jboss_enterprise_application_platform","cpe6":"4.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2010","cve_id":"1871","cve":"CVE-2010-1871","vendorProject":"Red Hat","product":"JBoss Seam 2","vulnerabilityName":"Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability","dateAdded":"2021-12-10","shortDescription":"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2022-06-10","knownRansomwareCampaignUse":"Unknown","notes":"https://nvd.nist.gov/vuln/detail/CVE-2010-1871","cwes":"CWE-20","catalogVersion":"2026.04.24","updated_at":"2026-04-24 17:59:34"},"epss":{"cve_year":"2010","cve_id":"1871","cve":"CVE-2010-1871","epss":"0.936360000","percentile":"0.998430000","score_date":"2026-04-24","updated_at":"2026-04-25 00:14:37"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T01:35:53.728Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"41994","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/41994"},{"name":"20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"},{"name":"1024253","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1024253"},{"name":"ADV-2010-1929","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1929"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=615956"},{"name":"seam-expressions-code-execution(60794)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"},{"name":"RHSA-2010:0564","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0564.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20161017-0001/"}],"title":"CVE Program Container"},{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2010-1871","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2025-02-10T19:33:04.339981Z","version":"2.0.3"},"type":"ssvc"}},{"other":{"content":{"dateAdded":"2021-12-10","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871"},"type":"kev"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-917","description":"CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-10-22T00:05:51.923Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["government-resource"],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871"}],"timeline":[{"lang":"en","time":"2021-12-10T00:00:00.000Z","value":"CVE-2010-1871 added to CISA KEV"}],"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2010-07-19T00:00:00.000Z","descriptions":[{"lang":"en","value":"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-11-09T10:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"41994","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/41994"},{"name":"20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"},{"name":"1024253","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1024253"},{"name":"ADV-2010-1929","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1929"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=615956"},{"name":"seam-expressions-code-execution(60794)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"},{"name":"RHSA-2010:0564","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2010-0564.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20161017-0001/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2010-1871","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"41994","refsource":"BID","url":"http://www.securityfocus.com/bid/41994"},{"name":"20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)","refsource":"BUGTRAQ","url":"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"},{"name":"1024253","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1024253"},{"name":"ADV-2010-1929","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2010/1929"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=615956","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=615956"},{"name":"seam-expressions-code-execution(60794)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"},{"name":"RHSA-2010:0564","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2010-0564.html"},{"name":"https://security.netapp.com/advisory/ntap-20161017-0001/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20161017-0001/"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2010-1871","datePublished":"2010-08-04T19:00:00.000Z","dateReserved":"2010-05-10T00:00:00.000Z","dateUpdated":"2025-10-22T00:05:51.923Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2010-08-05 13:23:09","lastModifiedDate":"2026-04-22 14:14:18","problem_types":["CWE-917","n/a","CWE-917 CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*","matchCriteriaId":"E82B2AD8-967D-4ABE-982B-87B9DE73F8D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*","matchCriteriaId":"CA2C244C-82F6-49BC-B7F7-54AB989C43E8"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*","matchCriteriaId":"AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*","matchCriteriaId":"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","matchCriteriaId":"F1BE6C1F-2565-4E97-92AA-16563E5660A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*","matchCriteriaId":"95B173E0-1475-4F8D-A982-86F36BE3DD4A"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2010","CveId":"1871","Ordinal":"1","Title":"CVE-2010-1871","CVE":"CVE-2010-1871","Year":"2010"},"notes":[{"CveYear":"2010","CveId":"1871","Ordinal":"1","NoteData":"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.","Type":"Description","Title":"CVE-2010-1871"},{"CveYear":"2010","CveId":"1871","Ordinal":"2","NoteData":"2010-08-04","Type":"Other","Title":"Published"},{"CveYear":"2010","CveId":"1871","Ordinal":"3","NoteData":"2017-11-09","Type":"Other","Title":"Modified"}]}}}