RHSA-2017:0826

Description

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.14 update on RHEL 5

CVSS Metrics

• v3.0•HIGH•Score: 7.8CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•apache-cxf

  < 0:2.7.18-6.SP5_redhat_1.1.ep6.el5

• redhat•hornetq

  < 0:2.3.25-19.SP17_redhat_1.1.ep6.el5

• redhat•infinispan

  < 0:5.2.21-1.Final_redhat_1.1.ep6.el5

• redhat•infinispan-cachestore-jdbc

  < 0:5.2.21-1.Final_redhat_1.1.ep6.el5

• redhat•infinispan-cachestore-remote

  < 0:5.2.21-1.Final_redhat_1.1.ep6.el5

• redhat•infinispan-client-hotrod

  < 0:5.2.21-1.Final_redhat_1.1.ep6.el5

• redhat•infinispan-core

  < 0:5.2.21-1.Final_redhat_1.1.ep6.el5

• redhat•jboss-as-appclient

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-cli

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-client-all

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-clustering

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-cmp

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-configadmin

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-connector

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-controller

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-controller-client

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-core-security

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-deployment-repository

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-deployment-scanner

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-domain-http

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-domain-management

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-ee

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-ee-deployment

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-ejb3

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-embedded

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-host-controller

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-jacorb

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-jaxr

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-jaxrs

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-jdr

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-jmx

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-jpa

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-jsf

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-jsr77

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-logging

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-mail

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-management-client-content

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-messaging

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-modcluster

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-naming

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-network

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-osgi

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-osgi-configadmin

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-osgi-service

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-picketlink

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-platform-mbean

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-pojo

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-process-controller

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-protocol

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

• redhat•jboss-as-remoting

  < 0:7.5.14-2.Final_redhat_2.1.ep6.el5

Showing first 50 affected entries in server-rendered view.

References (20)

• https://access.redhat.com/errata/RHSA-2017:0826
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/?version=6.4
• https://bugzilla.redhat.com/show_bug.cgi?id=1372120
• https://bugzilla.redhat.com/show_bug.cgi?id=1400343
• https://bugzilla.redhat.com/show_bug.cgi?id=1419594
• https://bugzilla.redhat.com/show_bug.cgi?id=1419647
• https://bugzilla.redhat.com/show_bug.cgi?id=1422148
• https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0826.json
• https://access.redhat.com/security/cve/CVE-2016-6346
• https://www.cve.org/CVERecord?id=CVE-2016-6346
• https://nvd.nist.gov/vuln/detail/CVE-2016-6346
• https://access.redhat.com/security/cve/CVE-2016-8657
• https://www.cve.org/CVERecord?id=CVE-2016-8657
• https://nvd.nist.gov/vuln/detail/CVE-2016-8657
• https://access.redhat.com/security/cve/CVE-2017-6056
• https://www.cve.org/CVERecord?id=CVE-2017-6056
• https://nvd.nist.gov/vuln/detail/CVE-2017-6056
• http://tomcat.apache.org/security-7.html
• https://access.redhat.com/articles/2991951