RHSA-2020:2058
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 6 security update
CVSS Metrics
- v3.0•HIGH•Score: 8.1CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected Systems
- redhat•eap7-activemq-artemis
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-cli
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-commons
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-core-client
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-dto
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-hornetq-protocol
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-hqclient-protocol
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-jdbc-store
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-jms-client
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-jms-server
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-journal
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-ra
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-selector
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-server
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-service-extensions
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-tools
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-apache-cxf
< 0:3.2.12-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-rt
< 0:3.2.12-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-services
< 0:3.2.12-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-tools
< 0:3.2.12-1.redhat_00001.1.el6eap
- redhat•eap7-bouncycastle
< 0:1.60.0-2.redhat_00002.1.el6eap
- redhat•eap7-bouncycastle-mail
< 0:1.60.0-2.redhat_00002.1.el6eap
- redhat•eap7-bouncycastle-pkix
< 0:1.60.0-2.redhat_00002.1.el6eap
- redhat•eap7-bouncycastle-prov
< 0:1.60.0-2.redhat_00002.1.el6eap
- redhat•eap7-codehaus-jackson
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codehaus-jackson-core-asl
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codehaus-jackson-jaxrs
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codehaus-jackson-mapper-asl
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codehaus-jackson-xc
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-cryptacular
< 0:1.2.4-1.redhat_00001.1.el6eap
- redhat•eap7-glassfish-el
< 0:3.0.1-5.b08_redhat_00004.1.el6eap
- redhat•eap7-glassfish-el-impl
< 0:3.0.1-5.b08_redhat_00004.1.el6eap
- redhat•eap7-glassfish-javamail
< 0:1.6.2-2.redhat_00001.1.el6eap
- redhat•eap7-glassfish-jsf
< 0:2.3.5-10.SP3_redhat_00008.1.el6eap
- redhat•eap7-hal-console
< 0:3.0.21-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-commons-annotations
< 0:5.0.5-1.Final_redhat_00002.1.el6eap
- redhat•eap7-hibernate-search
< 0:5.10.7-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-search-backend-jgroups
< 0:5.10.7-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-search-backend-jms
< 0:5.10.7-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-search-engine
< 0:5.10.7-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-search-orm
< 0:5.10.7-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-search-serialization-avro
< 0:5.10.7-1.Final_redhat_00001.1.el6eap
- redhat•eap7-httpcomponents-client
< 0:4.5.4-1.redhat_00001.1.el6eap
- redhat•eap7-httpcomponents-core
< 0:4.4.5-1.redhat_00001.1.el6eap
- redhat•eap7-jackson-databind
< 0:2.9.10.2-2.redhat_00002.1.el6eap
- redhat•eap7-jasypt
< 0:1.9.3-1.redhat_00001.1.el6eap
- redhat•eap7-javaee-security-soteria
< 0:1.0.0-3.redhat_00002.1.el6eap
- redhat•eap7-javaee-security-soteria-enterprise
< 0:1.0.0-3.redhat_00002.1.el6eap
- redhat•eap7-jaxbintros
< 0:1.0.3-1.GA_redhat_00001.1.el6eap
- redhat•eap7-jboss-batch-api_1.0_spec
< 0:1.0.2-1.Final_redhat_00001.1.el6eap
Showing first 50 affected entries in server-rendered view.
References (81)
- https://access.redhat.com/errata/RHSA-2020:2058
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1715075
- https://bugzilla.redhat.com/show_bug.cgi?id=1752770
- https://bugzilla.redhat.com/show_bug.cgi?id=1796617
- https://bugzilla.redhat.com/show_bug.cgi?id=1797006
- https://bugzilla.redhat.com/show_bug.cgi?id=1797011
- https://bugzilla.redhat.com/show_bug.cgi?id=1801380
- https://bugzilla.redhat.com/show_bug.cgi?id=1801726
- https://bugzilla.redhat.com/show_bug.cgi?id=1802444
- https://bugzilla.redhat.com/show_bug.cgi?id=1803241
- https://bugzilla.redhat.com/show_bug.cgi?id=1807305
- https://bugzilla.redhat.com/show_bug.cgi?id=1828459
- https://issues.redhat.com/browse/JBEAP-18071
- https://issues.redhat.com/browse/JBEAP-18267
- https://issues.redhat.com/browse/JBEAP-18278
- https://issues.redhat.com/browse/JBEAP-18423
- https://issues.redhat.com/browse/JBEAP-18438
- https://issues.redhat.com/browse/JBEAP-18503
- https://issues.redhat.com/browse/JBEAP-18506
- https://issues.redhat.com/browse/JBEAP-18536
- https://issues.redhat.com/browse/JBEAP-18595
- https://issues.redhat.com/browse/JBEAP-18616
- https://issues.redhat.com/browse/JBEAP-18628
- https://issues.redhat.com/browse/JBEAP-18631
- https://issues.redhat.com/browse/JBEAP-18639
- https://issues.redhat.com/browse/JBEAP-18646
- https://issues.redhat.com/browse/JBEAP-18652
- https://issues.redhat.com/browse/JBEAP-18664
- https://issues.redhat.com/browse/JBEAP-18724
- https://issues.redhat.com/browse/JBEAP-18729
- https://issues.redhat.com/browse/JBEAP-18787
- https://issues.redhat.com/browse/JBEAP-18789
- https://issues.redhat.com/browse/JBEAP-18817
- https://issues.redhat.com/browse/JBEAP-18827
- https://issues.redhat.com/browse/JBEAP-18835
- https://issues.redhat.com/browse/JBEAP-18885
- https://issues.redhat.com/browse/JBEAP-18931
- https://issues.redhat.com/browse/JBEAP-18988
- https://issues.redhat.com/browse/JBEAP-18989
- https://issues.redhat.com/browse/JBEAP-19233
- https://issues.redhat.com/browse/JBEAP-19234
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2058.json
- https://access.redhat.com/security/cve/CVE-2019-10172
- https://www.cve.org/CVERecord?id=CVE-2019-10172
- https://nvd.nist.gov/vuln/detail/CVE-2019-10172
- https://access.redhat.com/security/cve/CVE-2019-12423
- https://www.cve.org/CVERecord?id=CVE-2019-12423
- https://nvd.nist.gov/vuln/detail/CVE-2019-12423
- https://access.redhat.com/security/cve/CVE-2019-17573
- https://www.cve.org/CVERecord?id=CVE-2019-17573
- https://nvd.nist.gov/vuln/detail/CVE-2019-17573
- https://access.redhat.com/security/cve/CVE-2020-1719
- https://www.cve.org/CVERecord?id=CVE-2020-1719
- https://nvd.nist.gov/vuln/detail/CVE-2020-1719
- https://access.redhat.com/security/cve/CVE-2020-1729
- https://www.cve.org/CVERecord?id=CVE-2020-1729
- https://nvd.nist.gov/vuln/detail/CVE-2020-1729
- https://access.redhat.com/security/cve/CVE-2020-1732
- https://www.cve.org/CVERecord?id=CVE-2020-1732
- https://nvd.nist.gov/vuln/detail/CVE-2020-1732
- https://access.redhat.com/security/cve/CVE-2020-1745
- https://www.cve.org/CVERecord?id=CVE-2020-1745
- https://nvd.nist.gov/vuln/detail/CVE-2020-1745
- https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/
- https://www.cnvd.org.cn/webinfo/show/5415
- https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487
- https://access.redhat.com/security/cve/CVE-2020-1757
- https://www.cve.org/CVERecord?id=CVE-2020-1757
- https://nvd.nist.gov/vuln/detail/CVE-2020-1757
- https://access.redhat.com/security/cve/CVE-2020-7226
- https://www.cve.org/CVERecord?id=CVE-2020-7226
- https://nvd.nist.gov/vuln/detail/CVE-2020-7226
- https://access.redhat.com/security/cve/CVE-2020-10705
- https://www.cve.org/CVERecord?id=CVE-2020-10705
- https://nvd.nist.gov/vuln/detail/CVE-2020-10705
- https://access.redhat.com/security/cve/CVE-2020-10719
- https://www.cve.org/CVERecord?id=CVE-2020-10719
- https://nvd.nist.gov/vuln/detail/CVE-2020-10719