RHSA-2018:1449
Vulnerability Summary
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
CVSS Metrics
- v3.0•HIGH•Score: 8.1•CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•codehaus-jackson
< 0:1.9.9-12.redhat_6.1.ep6.el6
- redhat•codehaus-jackson-core-asl
< 0:1.9.9-12.redhat_6.1.ep6.el6
- redhat•codehaus-jackson-jaxrs
< 0:1.9.9-12.redhat_6.1.ep6.el6
- redhat•codehaus-jackson-mapper-asl
< 0:1.9.9-12.redhat_6.1.ep6.el6
- redhat•codehaus-jackson-xc
< 0:1.9.9-12.redhat_6.1.ep6.el6
- redhat•hornetq
< 0:2.3.25-26.SP24_redhat_1.1.ep6.el6
- redhat•jboss-as-appclient
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-cli
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-client-all
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-clustering
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-cmp
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-configadmin
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-connector
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-controller
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-controller-client
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-core-security
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-deployment-repository
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-deployment-scanner
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-domain-http
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-domain-management
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-ee
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-ee-deployment
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-ejb3
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-embedded
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-host-controller
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-jacorb
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-jaxr
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-jaxrs
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-jdr
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-jmx
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-jpa
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-jsf
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-jsr77
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-logging
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-mail
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-management-client-content
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-messaging
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-modcluster
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-naming
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-network
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-osgi
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-osgi-configadmin
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-osgi-service
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-picketlink
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-platform-mbean
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-pojo
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-process-controller
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-protocol
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-remoting
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
- redhat•jboss-as-sar
< 0:7.5.20-1.Final_redhat_1.1.ep6.el6
Showing first 50 affected entries in server-rendered view.
References (43)
- https://access.redhat.com/errata/RHSA-2018:1449
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4
- https://bugzilla.redhat.com/show_bug.cgi?id=1379207
- https://bugzilla.redhat.com/show_bug.cgi?id=1454783
- https://bugzilla.redhat.com/show_bug.cgi?id=1506612
- https://bugzilla.redhat.com/show_bug.cgi?id=1528565
- https://bugzilla.redhat.com/show_bug.cgi?id=1548289
- https://bugzilla.redhat.com/show_bug.cgi?id=1548909
- https://bugzilla.redhat.com/show_bug.cgi?id=1549276
- https://bugzilla.redhat.com/show_bug.cgi?id=1559008
- https://bugzilla.redhat.com/show_bug.cgi?id=1559011
- https://bugzilla.redhat.com/show_bug.cgi?id=1559016
- https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1449.json
- https://access.redhat.com/security/cve/CVE-2016-4978
- https://www.cve.org/CVERecord?id=CVE-2016-4978
- https://nvd.nist.gov/vuln/detail/CVE-2016-4978
- https://access.redhat.com/security/cve/CVE-2017-3163
- https://www.cve.org/CVERecord?id=CVE-2017-3163
- https://nvd.nist.gov/vuln/detail/CVE-2017-3163
- https://access.redhat.com/security/cve/CVE-2017-7525
- https://bugzilla.redhat.com/show_bug.cgi?id=1462702
- https://www.cve.org/CVERecord?id=CVE-2017-7525
- https://nvd.nist.gov/vuln/detail/CVE-2017-7525
- https://access.redhat.com/security/cve/CVE-2017-15095
- https://www.cve.org/CVERecord?id=CVE-2017-15095
- https://nvd.nist.gov/vuln/detail/CVE-2017-15095
- https://access.redhat.com/solutions/3442891
- https://access.redhat.com/security/cve/CVE-2017-17485
- https://www.cve.org/CVERecord?id=CVE-2017-17485
- https://nvd.nist.gov/vuln/detail/CVE-2017-17485
- https://access.redhat.com/security/cve/CVE-2018-1304
- https://www.cve.org/CVERecord?id=CVE-2018-1304
- https://nvd.nist.gov/vuln/detail/CVE-2018-1304
- https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85
- https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50
- https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28
- https://access.redhat.com/security/cve/CVE-2018-7489
- https://www.cve.org/CVERecord?id=CVE-2018-7489
- https://nvd.nist.gov/vuln/detail/CVE-2018-7489
- https://access.redhat.com/security/cve/CVE-2018-8088
- https://www.cve.org/CVERecord?id=CVE-2018-8088
- https://nvd.nist.gov/vuln/detail/CVE-2018-8088