RHSA-2018:0268

Description

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update

CVSS Metrics

• v3.0•HIGH•Score: 8.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•hornetq

  < 0:2.3.25-25.SP23_redhat_1.1.ep6.el7

• redhat•infinispan

  < 0:5.2.23-1.Final_redhat_1.1.ep6.el7

• redhat•infinispan-cachestore-jdbc

  < 0:5.2.23-1.Final_redhat_1.1.ep6.el7

• redhat•infinispan-cachestore-remote

  < 0:5.2.23-1.Final_redhat_1.1.ep6.el7

• redhat•infinispan-client-hotrod

  < 0:5.2.23-1.Final_redhat_1.1.ep6.el7

• redhat•infinispan-core

  < 0:5.2.23-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-common-api-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-common-impl-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-common-spi-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-core-api-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-core-impl-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-deployers-common-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-jdbc-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-spec-api-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•ironjacamar-validator-eap6

  < 0:1.0.41-1.Final_redhat_1.1.ep6.el7

• redhat•jboss-as-appclient

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-cli

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-client-all

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-clustering

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-cmp

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-configadmin

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-connector

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-controller

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-controller-client

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-core-security

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-deployment-repository

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-deployment-scanner

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-domain-http

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-domain-management

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-ee

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-ee-deployment

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-ejb3

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-embedded

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-host-controller

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-jacorb

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-jaxr

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-jaxrs

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-jdr

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-jmx

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-jpa

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-jsf

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-jsr77

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-logging

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-mail

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-management-client-content

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-messaging

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-modcluster

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-naming

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

• redhat•jboss-as-network

  < 0:7.5.19-2.Final_redhat_2.1.ep6.el7

Showing first 50 affected entries in server-rendered view.

References (20)

• https://access.redhat.com/errata/RHSA-2018:0268
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/
• https://bugzilla.redhat.com/show_bug.cgi?id=1494283
• https://bugzilla.redhat.com/show_bug.cgi?id=1498378
• https://bugzilla.redhat.com/show_bug.cgi?id=1519260
• https://bugzilla.redhat.com/show_bug.cgi?id=1530457
• https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0268.json
• https://access.redhat.com/security/cve/CVE-2017-12174
• https://www.cve.org/CVERecord?id=CVE-2017-12174
• https://nvd.nist.gov/vuln/detail/CVE-2017-12174
• https://access.redhat.com/security/cve/CVE-2017-12617
• https://www.cve.org/CVERecord?id=CVE-2017-12617
• https://nvd.nist.gov/vuln/detail/CVE-2017-12617
• https://tomcat.apache.org/security-7.html
• https://tomcat.apache.org/security-8.html
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog
• https://access.redhat.com/security/cve/CVE-2018-1041
• https://www.cve.org/CVERecord?id=CVE-2018-1041
• https://nvd.nist.gov/vuln/detail/CVE-2018-1041