Description
It's possible to reach the status servlet on this JBoss system. The status servlet exposes details about the deployed servlets and makes it easier to identity the attack surface of an EAP installation.
Remediation
Restrict access to the status servlet.