A widely unpatched vulnerability in JBoss Application Server (AS) discovered back in 2011 is opening up tens of thousands of enterprise data center servers to attack. At least 500 JBoss servers are at risk, according to a report out this week by Imperva. The vulnerability in question was actually found in 2011 by Luca Carettoni, at the time a senior security consultant for Matasano Security. Security experts say this is something that should have been caught by more organizations, given the age of the vulnerability discovery.”]
Source: https://www.darkreading.com/attacks-breaches/who-s-the-boss-over-your-jboss-servers-