RHSA-2017:2808
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
CVSS Metrics
- v3.0•HIGH•Score: 8.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•eap7-artemis-native
< 0:1.1.0-13.redhat_4.ep7.el7
- redhat•eap7-artemis-native-wildfly
< 0:1.1.0-13.redhat_4.ep7.el7
- redhat•eap7-bouncycastle
< 0:1.56.0-3.redhat_2.2.ep7.el7
- redhat•eap7-bouncycastle-mail
< 0:1.56.0-3.redhat_2.2.ep7.el7
- redhat•eap7-bouncycastle-pkix
< 0:1.56.0-3.redhat_2.2.ep7.el7
- redhat•eap7-bouncycastle-prov
< 0:1.56.0-3.redhat_2.2.ep7.el7
- redhat•eap7-hibernate-validator
< 0:5.2.5-2.Final_redhat_2.1.ep7.el7
- redhat•eap7-hibernate-validator-cdi
< 0:5.2.5-2.Final_redhat_2.1.ep7.el7
- redhat•eap7-jasypt
< 0:1.9.2-2.redhat_1.1.ep7.el7
- redhat•eap7-jboss-jms-api_2.0_spec
< 0:1.0.1-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-logmanager
< 0:2.0.7-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-metadata
< 0:10.0.2-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-metadata-appclient
< 0:10.0.2-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-metadata-common
< 0:10.0.2-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-metadata-ear
< 0:10.0.2-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-metadata-ejb
< 0:10.0.2-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-metadata-web
< 0:10.0.2-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-remote-naming
< 0:2.0.5-1.Final_redhat_1.1.ep7.el7
- redhat•eap7-jboss-remoting
< 0:4.0.24-1.Final_redhat_1.1.ep7.el7
- redhat•eap7-log4j-jboss-logmanager
< 0:1.1.4-2.Final_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-api
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-bindings
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-common
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-config
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-federation
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-idm-api
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-idm-impl
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-idm-simple-schema
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-impl
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-picketlink-wildfly8
< 0:2.5.5-9.SP8_redhat_1.1.ep7.el7
- redhat•eap7-undertow
< 0:1.3.31-1.Final_redhat_1.1.ep7.el7
- redhat•eap7-wildfly
< 0:7.0.8-4.GA_redhat_1.1.ep7.el7
- redhat•eap7-wildfly-javadocs
< 0:7.0.8-1.GA_redhat_1.1.ep7.el7
- redhat•eap7-wildfly-modules
< 0:7.0.8-4.GA_redhat_1.1.ep7.el7
References (26)
- https://access.redhat.com/errata/RHSA-2017:2808
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/
- https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1410481
- https://bugzilla.redhat.com/show_bug.cgi?id=1443635
- https://bugzilla.redhat.com/show_bug.cgi?id=1444015
- https://bugzilla.redhat.com/show_bug.cgi?id=1455566
- https://bugzilla.redhat.com/show_bug.cgi?id=1465573
- https://issues.redhat.com/browse/JBEAP-11485
- https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2808.json
- https://access.redhat.com/security/cve/CVE-2014-9970
- https://www.cve.org/CVERecord?id=CVE-2014-9970
- https://nvd.nist.gov/vuln/detail/CVE-2014-9970
- https://access.redhat.com/security/cve/CVE-2015-6644
- https://www.cve.org/CVERecord?id=CVE-2015-6644
- https://nvd.nist.gov/vuln/detail/CVE-2015-6644
- https://access.redhat.com/security/cve/CVE-2017-2582
- https://www.cve.org/CVERecord?id=CVE-2017-2582
- https://nvd.nist.gov/vuln/detail/CVE-2017-2582
- https://access.redhat.com/security/cve/CVE-2017-5645
- https://www.cve.org/CVERecord?id=CVE-2017-5645
- https://nvd.nist.gov/vuln/detail/CVE-2017-5645
- https://access.redhat.com/security/cve/CVE-2017-7536
- https://www.cve.org/CVERecord?id=CVE-2017-7536
- https://nvd.nist.gov/vuln/detail/CVE-2017-7536