RHSA-2017:0872
Advisory lineage Upstream: 3 Downstream: 0
Published: 13 Sept 2024, 14:40
Last modified:18 Mar 2026, 11:30
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
7.5 HIGH
3.0 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
13 Sept 2024, 14:40
Published
Vulnerability first disclosed
18 Mar 2026, 11:30
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: Red Hat Single Sign-On 7.1 update on RHEL 6
CVSS Metrics
- v3.0•HIGH•Score: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- redhat•rh-sso7
< 0:1-2.jbcs.el6
- redhat•rh-sso7-freemarker
< 0:2.3.23-1.redhat_2.2.jbcs.el6
- redhat•rh-sso7-javapackages-tools
< 0:3.4.1-5.15.3.jbcs.el6
- redhat•rh-sso7-keycloak
< 0:2.5.5-2.Final_redhat_1.1.jbcs.el6
- redhat•rh-sso7-keycloak-server
< 0:2.5.5-2.Final_redhat_1.1.jbcs.el6
- redhat•rh-sso7-libunix-dbus-java
< 0:0.8.0-2.jbcs.el6
- redhat•rh-sso7-libunix-dbus-java-debuginfo
< 0:0.8.0-2.jbcs.el6
- redhat•rh-sso7-libunix-dbus-java-devel
< 0:0.8.0-2.jbcs.el6
- redhat•rh-sso7-liquibase
< 0:3.4.1-2.redhat_2.1.jbcs.el6
- redhat•rh-sso7-liquibase-core
< 0:3.4.1-2.redhat_2.1.jbcs.el6
- redhat•rh-sso7-python-javapackages
< 0:3.4.1-5.15.3.jbcs.el6
- redhat•rh-sso7-runtime
< 0:1-2.jbcs.el6
- redhat•rh-sso7-twitter4j
< 0:4.0.4-1.redhat_3.1.jbcs.el6
- redhat•rh-sso7-twitter4j-core
< 0:4.0.4-1.redhat_3.1.jbcs.el6
- redhat•rh-sso7-zxing
< 0:3.2.1-1.redhat_4.1.jbcs.el6
- redhat•rh-sso7-zxing-core
< 0:3.2.1-1.redhat_4.1.jbcs.el6
- redhat•rh-sso7-zxing-javase
< 0:3.2.1-1.redhat_4.1.jbcs.el6
References (17)
- https://access.redhat.com/errata/RHSA-2017:0872
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.1/html/release_notes/
- https://bugzilla.redhat.com/show_bug.cgi?id=1388988
- https://bugzilla.redhat.com/show_bug.cgi?id=1404782
- https://bugzilla.redhat.com/show_bug.cgi?id=1412376
- https://issues.redhat.com/browse/RHSSO-427
- https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0872.json
- https://access.redhat.com/security/cve/CVE-2016-8629
- https://www.cve.org/CVERecord?id=CVE-2016-8629
- https://nvd.nist.gov/vuln/detail/CVE-2016-8629
- https://access.redhat.com/security/cve/CVE-2016-9589
- https://www.cve.org/CVERecord?id=CVE-2016-9589
- https://nvd.nist.gov/vuln/detail/CVE-2016-9589
- https://access.redhat.com/security/cve/CVE-2017-2585
- https://www.cve.org/CVERecord?id=CVE-2017-2585
- https://nvd.nist.gov/vuln/detail/CVE-2017-2585