RHSA-2016:1838

Description

Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.2 on RHEL 6

CVSS Metrics

• v3.0•HIGH•Score: 7.6CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L

Affected Systems

• redhat•eap7-activemq-artemis

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-cli

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-commons

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-core-client

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-dto

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-hornetq-protocol

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-hqclient-protocol

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-jms-client

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-jms-server

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-journal

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-native

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-ra

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-selector

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-server

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-service-extensions

  < 0:1.1.0-15.SP18_redhat_1.1.ep7.el6

• redhat•eap7-apache-cxf

  < 0:3.1.6-1.redhat_1.1.ep7.el6

• redhat•eap7-apache-cxf-rt

  < 0:3.1.6-1.redhat_1.1.ep7.el6

• redhat•eap7-apache-cxf-services

  < 0:3.1.6-1.redhat_1.1.ep7.el6

• redhat•eap7-apache-cxf-tools

  < 0:3.1.6-1.redhat_1.1.ep7.el6

• redhat•eap7-jberet

  < 0:1.2.1-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jberet-core

  < 0:1.2.1-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jboss-jstl-api_1.2_spec

  < 0:1.1.3-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jboss-security-negotiation

  < 0:3.0.3-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jbossws-common

  < 0:3.1.3-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jbossws-cxf

  < 0:5.1.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jbossws-spi

  < 0:3.1.2-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jgroups

  < 0:3.6.10-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-mod_cluster

  < 0:1.3.3-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-picketbox

  < 0:4.9.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-picketbox-infinispan

  < 0:4.9.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-api

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-bindings

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-common

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-config

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-federation

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-idm-api

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-idm-impl

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-idm-simple-schema

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-impl

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-wildfly8

  < 0:2.5.5-3.SP3_redhat_1.1.ep7.el6

• redhat•eap7-resteasy

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-async-http-servlet-3.0

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-atom-provider

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-cdi

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-client

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-crypto

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jackson-provider

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jackson2-provider

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jaxb-provider

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jaxrs

  < 0:3.0.18-1.Final_redhat_1.1.ep7.el6

Showing first 50 affected entries in server-rendered view.

References (18)

• https://access.redhat.com/errata/RHSA-2016:1838
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/702-release-notes/
• https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/?version=7.0/
• https://bugzilla.redhat.com/show_bug.cgi?id=1198606
• https://bugzilla.redhat.com/show_bug.cgi?id=1344321
• https://bugzilla.redhat.com/show_bug.cgi?id=1359014
• https://issues.redhat.com/browse/JBEAP-4731
• https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1838.json
• https://access.redhat.com/security/cve/CVE-2015-0254
• https://www.cve.org/CVERecord?id=CVE-2015-0254
• https://nvd.nist.gov/vuln/detail/CVE-2015-0254
• https://access.redhat.com/security/cve/CVE-2016-4993
• https://www.cve.org/CVERecord?id=CVE-2016-4993
• https://nvd.nist.gov/vuln/detail/CVE-2016-4993
• https://access.redhat.com/security/cve/CVE-2016-5406
• https://www.cve.org/CVERecord?id=CVE-2016-5406
• https://nvd.nist.gov/vuln/detail/CVE-2016-5406