RHSA-2017:0170

Description

Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.4 on RHEL 6

CVSS Metrics

• v3.0•MEDIUM•Score: 4.3CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Systems

• redhat•eap7-apache-cxf

  < 0:3.1.8-3.redhat_1.1.ep7.el6

• redhat•eap7-apache-cxf-rt

  < 0:3.1.8-3.redhat_1.1.ep7.el6

• redhat•eap7-apache-cxf-services

  < 0:3.1.8-3.redhat_1.1.ep7.el6

• redhat•eap7-apache-cxf-tools

  < 0:3.1.8-3.redhat_1.1.ep7.el6

• redhat•eap7-infinispan

  < 0:8.1.6-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-infinispan-cachestore-jdbc

  < 0:8.1.6-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-infinispan-cachestore-remote

  < 0:8.1.6-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-infinispan-client-hotrod

  < 0:8.1.6-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-infinispan-commons

  < 0:8.1.6-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-infinispan-core

  < 0:8.1.6-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-common-api

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-common-impl

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-common-spi

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-core-api

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-core-impl

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-deployers-common

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-jdbc

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-validator

  < 0:1.3.5-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jboss-aesh

  < 0:0.66.12-1.redhat_1.1.ep7.el6

• redhat•eap7-jboss-ejb-client

  < 0:2.1.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jboss-genericjms

  < 0:1.0.8-2.Final_redhat_1.1.ep7.el6

• redhat•eap7-jboss-transaction-spi

  < 0:7.3.0-2.SP1_redhat_1.1.ep7.el6

• redhat•eap7-jboss-xnio-base

  < 0:3.4.1-2.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-compensations

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-jbosstxbridge

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-jbossxts

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-jts-idlj

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-jts-integration

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-restat-api

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-restat-bridge

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-restat-integration

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-restat-util

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-narayana-txframework

  < 0:5.2.21-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-api

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-bindings

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-common

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-config

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-federation

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-idm-api

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-idm-impl

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-idm-simple-schema

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-impl

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-picketlink-wildfly8

  < 0:2.5.5-4.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy

  < 0:3.0.19-2.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-async-http-servlet-3.0

  < 0:3.0.19-2.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-atom-provider

  < 0:3.0.19-2.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-cdi

  < 0:3.0.19-2.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-client

  < 0:3.0.19-2.Final_redhat_1.1.ep7.el6

Showing first 50 affected entries in server-rendered view.

References (13)

• https://access.redhat.com/errata/RHSA-2017:0170
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/
• https://bugzilla.redhat.com/show_bug.cgi?id=1380852
• https://bugzilla.redhat.com/show_bug.cgi?id=1388240
• https://issues.redhat.com/browse/JBEAP-5960
• https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0170.json
• https://access.redhat.com/security/cve/CVE-2016-7061
• https://www.cve.org/CVERecord?id=CVE-2016-7061
• https://nvd.nist.gov/vuln/detail/CVE-2016-7061
• https://access.redhat.com/security/cve/CVE-2016-8627
• https://www.cve.org/CVERecord?id=CVE-2016-8627
• https://nvd.nist.gov/vuln/detail/CVE-2016-8627