RHSA-2017:1834

Description

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 6

CVSS Metrics

• v3.0•HIGH•Score: 8.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•eap7-activemq-artemis

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-cli

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-commons

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-core-client

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-dto

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-hornetq-protocol

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-hqclient-protocol

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-jms-client

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-jms-server

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-journal

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-native

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-ra

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-selector

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-server

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-activemq-artemis-service-extensions

  < 0:1.1.0-18.SP21_redhat_1.1.ep7.el6

• redhat•eap7-glassfish-jsf

  < 0:2.2.12-2.SP4_redhat_1.1.ep7.el6

• redhat•eap7-hibernate

  < 0:5.0.14-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-hibernate-core

  < 0:5.0.14-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-hibernate-entitymanager

  < 0:5.0.14-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-hibernate-envers

  < 0:5.0.14-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-hibernate-infinispan

  < 0:5.0.14-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-hibernate-java8

  < 0:5.0.14-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-common-api

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-common-impl

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-common-spi

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-core-api

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-core-impl

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-deployers-common

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-jdbc

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-ironjacamar-validator

  < 0:1.3.7-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jackson-databind

  < 0:2.5.4-2.redhat_2.1.ep7.el6

• redhat•eap7-jboss-modules

  < 0:1.5.4-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jboss-remoting

  < 0:4.0.23-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-jboss-xnio-base

  < 0:3.4.6-1.Final_redhat_1.1.ep7.el6

• redhat•eap7-resteasy

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-async-http-servlet-3.0

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-atom-provider

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-cdi

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-client

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-crypto

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jackson-provider

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jackson2-provider

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jaxb-provider

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jaxrs

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jettison-provider

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jose-jwt

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-jsapi

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-json-p-provider

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

• redhat•eap7-resteasy-multipart-provider

  < 0:3.0.19-6.SP4_redhat_1.1.ep7.el6

Showing first 50 affected entries in server-rendered view.

References (15)

• https://access.redhat.com/errata/RHSA-2017:1834
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/
• https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/
• https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/
• https://bugzilla.redhat.com/show_bug.cgi?id=1379207
• https://bugzilla.redhat.com/show_bug.cgi?id=1462702
• https://issues.redhat.com/browse/JBEAP-9464
• https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1834.json
• https://access.redhat.com/security/cve/CVE-2016-4978
• https://www.cve.org/CVERecord?id=CVE-2016-4978
• https://nvd.nist.gov/vuln/detail/CVE-2016-4978
• https://access.redhat.com/security/cve/CVE-2017-7525
• https://www.cve.org/CVERecord?id=CVE-2017-7525
• https://nvd.nist.gov/vuln/detail/CVE-2017-7525