JBoss needs to be updated

According to an exploit that was published in October by Andrea Micalizz, users of JBoss need to patch their software. There is a a rising number of attacks against the system, according to Imperva.

Remote attackers could arbitrary code execution access to HP's PCM Plus and Application Lifecycle Management systems without authentication.

The attack also works against McAfee, Symantec and IBM products using JBoss 4.x and 5.x

Currently there are 23,000 servers exposed. Up from 7,000 in 2011.

HP updated its JBoss implementation here.