RHSA-2018:0002
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 6
CVSS Metrics
- v3.0•CRITICAL•Score: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•eap7-activemq-artemis
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-cli
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-commons
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-core-client
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-dto
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-hornetq-protocol
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-hqclient-protocol
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-jms-client
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-jms-server
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-journal
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-native
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-ra
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-selector
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-server
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-activemq-artemis-service-extensions
< 0:1.1.0-19.SP24_redhat_1.1.ep7.el6
- redhat•eap7-hibernate
< 0:5.0.16-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-hibernate-core
< 0:5.0.16-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-hibernate-entitymanager
< 0:5.0.16-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-hibernate-envers
< 0:5.0.16-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-hibernate-infinispan
< 0:5.0.16-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-hibernate-java8
< 0:5.0.16-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar-common-api
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar-common-impl
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar-common-spi
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar-core-api
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar-core-impl
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar-deployers-common
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar-jdbc
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-ironjacamar-validator
< 0:1.3.8-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-jboss-remoting
< 0:4.0.25-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-jboss-xnio-base
< 0:3.4.7-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-jgroups
< 0:3.6.12-1.Final_redhat_1.1.ep7.el6
- redhat•eap7-resteasy
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-async-http-servlet-3.0
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-atom-provider
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-cdi
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-client
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-crypto
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-jackson-provider
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-jackson2-provider
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-jaxb-provider
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-jaxrs
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-jettison-provider
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-jose-jwt
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-jsapi
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-json-p-provider
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-multipart-provider
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-spring
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
- redhat•eap7-resteasy-validator-provider-11
< 0:3.0.19-7.SP5_redhat_1.1.ep7.el6
Showing first 50 affected entries in server-rendered view.
References (36)
- https://access.redhat.com/errata/RHSA-2018:0002
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/
- https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/
- https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/
- https://bugzilla.redhat.com/show_bug.cgi?id=1372120
- https://bugzilla.redhat.com/show_bug.cgi?id=1481665
- https://bugzilla.redhat.com/show_bug.cgi?id=1483823
- https://bugzilla.redhat.com/show_bug.cgi?id=1490301
- https://bugzilla.redhat.com/show_bug.cgi?id=1491612
- https://bugzilla.redhat.com/show_bug.cgi?id=1499631
- https://bugzilla.redhat.com/show_bug.cgi?id=1501529
- https://issues.redhat.com/browse/JBEAP-12349
- https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0002.json
- https://access.redhat.com/security/cve/CVE-2016-6346
- https://www.cve.org/CVERecord?id=CVE-2016-6346
- https://nvd.nist.gov/vuln/detail/CVE-2016-6346
- https://access.redhat.com/security/cve/CVE-2017-7559
- https://www.cve.org/CVERecord?id=CVE-2017-7559
- https://nvd.nist.gov/vuln/detail/CVE-2017-7559
- https://access.redhat.com/security/cve/CVE-2017-7561
- https://www.cve.org/CVERecord?id=CVE-2017-7561
- https://nvd.nist.gov/vuln/detail/CVE-2017-7561
- https://access.redhat.com/security/cve/CVE-2017-12165
- https://www.cve.org/CVERecord?id=CVE-2017-12165
- https://nvd.nist.gov/vuln/detail/CVE-2017-12165
- https://access.redhat.com/security/cve/CVE-2017-12167
- https://www.cve.org/CVERecord?id=CVE-2017-12167
- https://nvd.nist.gov/vuln/detail/CVE-2017-12167
- https://access.redhat.com/security/cve/CVE-2017-12189
- https://www.cve.org/CVERecord?id=CVE-2017-12189
- https://nvd.nist.gov/vuln/detail/CVE-2017-12189
- https://access.redhat.com/security/cve/CVE-2017-12629
- https://www.cve.org/CVERecord?id=CVE-2017-12629
- https://nvd.nist.gov/vuln/detail/CVE-2017-12629
- https://access.redhat.com/security/vulnerabilities/CVE-2017-12629