RHSA-2020:2511
Vulnerability Summary
Description
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update
CVSS Metrics
- v3.1•HIGH•Score: 8.1•CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•eap7-activemq-artemis
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-cli
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-commons
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-core-client
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-dto
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-hornetq-protocol
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-hqclient-protocol
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-jdbc-store
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-jms-client
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-jms-server
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-journal
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-ra
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-selector
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-server
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-service-extensions
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-activemq-artemis-tools
< 0:2.9.0-4.redhat_00010.1.el6eap
- redhat•eap7-apache-cxf
< 0:3.3.5-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-rt
< 0:3.3.5-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-services
< 0:3.3.5-1.redhat_00001.1.el6eap
- redhat•eap7-apache-cxf-tools
< 0:3.3.5-1.redhat_00001.1.el6eap
- redhat•eap7-bouncycastle
< 0:1.60.0-2.redhat_00002.1.el6eap
- redhat•eap7-bouncycastle-mail
< 0:1.60.0-2.redhat_00002.1.el6eap
- redhat•eap7-bouncycastle-pkix
< 0:1.60.0-2.redhat_00002.1.el6eap
- redhat•eap7-bouncycastle-prov
< 0:1.60.0-2.redhat_00002.1.el6eap
- redhat•eap7-codehaus-jackson
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codehaus-jackson-core-asl
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codehaus-jackson-jaxrs
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codehaus-jackson-mapper-asl
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codehaus-jackson-xc
< 0:1.9.13-10.redhat_00007.1.el6eap
- redhat•eap7-codemodel
< 0:2.3.3-4.b02_redhat_00001.1.el6eap
- redhat•eap7-cryptacular
< 0:1.2.4-1.redhat_00001.1.el6eap
- redhat•eap7-elytron-web
< 0:1.6.1-1.Final_redhat_00001.1.el6eap
- redhat•eap7-glassfish-jaxb
< 0:2.3.3-4.b02_redhat_00001.1.el6eap
- redhat•eap7-glassfish-jsf
< 0:2.3.9-10.SP09_redhat_00001.1.el6eap
- redhat•eap7-hal-console
< 0:3.2.8-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate
< 0:5.3.16-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-core
< 0:5.3.16-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-entitymanager
< 0:5.3.16-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-envers
< 0:5.3.16-1.Final_redhat_00001.1.el6eap
- redhat•eap7-hibernate-java8
< 0:5.3.16-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan-cachestore-jdbc
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan-cachestore-remote
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan-client-hotrod
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan-commons
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan-core
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan-hibernate-cache-commons
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan-hibernate-cache-spi
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-infinispan-hibernate-cache-v53
< 0:9.4.18-1.Final_redhat_00001.1.el6eap
- redhat•eap7-ironjacamar
< 0:1.4.20-1.Final_redhat_00001.1.el6eap
Showing first 50 affected entries in server-rendered view.
References (152)
- https://access.redhat.com/errata/RHSA-2020:2511
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/
- https://bugzilla.redhat.com/show_bug.cgi?id=1607709
- https://bugzilla.redhat.com/show_bug.cgi?id=1715075
- https://bugzilla.redhat.com/show_bug.cgi?id=1730462
- https://bugzilla.redhat.com/show_bug.cgi?id=1752770
- https://bugzilla.redhat.com/show_bug.cgi?id=1764607
- https://bugzilla.redhat.com/show_bug.cgi?id=1764612
- https://bugzilla.redhat.com/show_bug.cgi?id=1772008
- https://bugzilla.redhat.com/show_bug.cgi?id=1797006
- https://bugzilla.redhat.com/show_bug.cgi?id=1797011
- https://bugzilla.redhat.com/show_bug.cgi?id=1801380
- https://bugzilla.redhat.com/show_bug.cgi?id=1802444
- https://bugzilla.redhat.com/show_bug.cgi?id=1805006
- https://bugzilla.redhat.com/show_bug.cgi?id=1807305
- https://bugzilla.redhat.com/show_bug.cgi?id=1814974
- https://bugzilla.redhat.com/show_bug.cgi?id=1816330
- https://bugzilla.redhat.com/show_bug.cgi?id=1816332
- https://bugzilla.redhat.com/show_bug.cgi?id=1816337
- https://bugzilla.redhat.com/show_bug.cgi?id=1816340
- https://bugzilla.redhat.com/show_bug.cgi?id=1828459
- https://issues.redhat.com/browse/JBEAP-16114
- https://issues.redhat.com/browse/JBEAP-18060
- https://issues.redhat.com/browse/JBEAP-18163
- https://issues.redhat.com/browse/JBEAP-18221
- https://issues.redhat.com/browse/JBEAP-18240
- https://issues.redhat.com/browse/JBEAP-18241
- https://issues.redhat.com/browse/JBEAP-18273
- https://issues.redhat.com/browse/JBEAP-18277
- https://issues.redhat.com/browse/JBEAP-18288
- https://issues.redhat.com/browse/JBEAP-18294
- https://issues.redhat.com/browse/JBEAP-18302
- https://issues.redhat.com/browse/JBEAP-18315
- https://issues.redhat.com/browse/JBEAP-18346
- https://issues.redhat.com/browse/JBEAP-18352
- https://issues.redhat.com/browse/JBEAP-18361
- https://issues.redhat.com/browse/JBEAP-18367
- https://issues.redhat.com/browse/JBEAP-18393
- https://issues.redhat.com/browse/JBEAP-18397
- https://issues.redhat.com/browse/JBEAP-18409
- https://issues.redhat.com/browse/JBEAP-18527
- https://issues.redhat.com/browse/JBEAP-18528
- https://issues.redhat.com/browse/JBEAP-18596
- https://issues.redhat.com/browse/JBEAP-18598
- https://issues.redhat.com/browse/JBEAP-18640
- https://issues.redhat.com/browse/JBEAP-18653
- https://issues.redhat.com/browse/JBEAP-18706
- https://issues.redhat.com/browse/JBEAP-18770
- https://issues.redhat.com/browse/JBEAP-18775
- https://issues.redhat.com/browse/JBEAP-18788
- https://issues.redhat.com/browse/JBEAP-18790
- https://issues.redhat.com/browse/JBEAP-18818
- https://issues.redhat.com/browse/JBEAP-18836
- https://issues.redhat.com/browse/JBEAP-18850
- https://issues.redhat.com/browse/JBEAP-18870
- https://issues.redhat.com/browse/JBEAP-18875
- https://issues.redhat.com/browse/JBEAP-18876
- https://issues.redhat.com/browse/JBEAP-18877
- https://issues.redhat.com/browse/JBEAP-18878
- https://issues.redhat.com/browse/JBEAP-18879
- https://issues.redhat.com/browse/JBEAP-18929
- https://issues.redhat.com/browse/JBEAP-18990
- https://issues.redhat.com/browse/JBEAP-18991
- https://issues.redhat.com/browse/JBEAP-19035
- https://issues.redhat.com/browse/JBEAP-19054
- https://issues.redhat.com/browse/JBEAP-19066
- https://issues.redhat.com/browse/JBEAP-19117
- https://issues.redhat.com/browse/JBEAP-19133
- https://issues.redhat.com/browse/JBEAP-19156
- https://issues.redhat.com/browse/JBEAP-19181
- https://issues.redhat.com/browse/JBEAP-19192
- https://issues.redhat.com/browse/JBEAP-19232
- https://issues.redhat.com/browse/JBEAP-19281
- https://issues.redhat.com/browse/JBEAP-19456
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2511.json
- https://access.redhat.com/security/cve/CVE-2018-14371
- https://www.cve.org/CVERecord?id=CVE-2018-14371
- https://nvd.nist.gov/vuln/detail/CVE-2018-14371
- https://access.redhat.com/security/cve/CVE-2019-0205
- https://www.cve.org/CVERecord?id=CVE-2019-0205
- https://nvd.nist.gov/vuln/detail/CVE-2019-0205
- https://access.redhat.com/security/cve/CVE-2019-0210
- https://www.cve.org/CVERecord?id=CVE-2019-0210
- https://nvd.nist.gov/vuln/detail/CVE-2019-0210
- https://access.redhat.com/security/cve/CVE-2019-10172
- https://www.cve.org/CVERecord?id=CVE-2019-10172
- https://nvd.nist.gov/vuln/detail/CVE-2019-10172
- https://access.redhat.com/security/cve/CVE-2019-12423
- https://www.cve.org/CVERecord?id=CVE-2019-12423
- https://nvd.nist.gov/vuln/detail/CVE-2019-12423
- https://access.redhat.com/security/cve/CVE-2019-14887
- https://www.cve.org/CVERecord?id=CVE-2019-14887
- https://nvd.nist.gov/vuln/detail/CVE-2019-14887
- https://access.redhat.com/security/cve/CVE-2019-17573
- https://www.cve.org/CVERecord?id=CVE-2019-17573
- https://nvd.nist.gov/vuln/detail/CVE-2019-17573
- https://access.redhat.com/security/cve/CVE-2020-1695
- https://www.cve.org/CVERecord?id=CVE-2020-1695
- https://nvd.nist.gov/vuln/detail/CVE-2020-1695
- https://access.redhat.com/security/cve/CVE-2020-1719
- https://bugzilla.redhat.com/show_bug.cgi?id=1796617
- https://www.cve.org/CVERecord?id=CVE-2020-1719
- https://nvd.nist.gov/vuln/detail/CVE-2020-1719
- https://access.redhat.com/security/cve/CVE-2020-1729
- https://www.cve.org/CVERecord?id=CVE-2020-1729
- https://nvd.nist.gov/vuln/detail/CVE-2020-1729
- https://access.redhat.com/security/cve/CVE-2020-1745
- https://www.cve.org/CVERecord?id=CVE-2020-1745
- https://nvd.nist.gov/vuln/detail/CVE-2020-1745
- https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/
- https://www.cnvd.org.cn/webinfo/show/5415
- https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487
- https://access.redhat.com/security/cve/CVE-2020-1757
- https://www.cve.org/CVERecord?id=CVE-2020-1757
- https://nvd.nist.gov/vuln/detail/CVE-2020-1757
- https://access.redhat.com/security/cve/CVE-2020-6950
- https://www.cve.org/CVERecord?id=CVE-2020-6950
- https://nvd.nist.gov/vuln/detail/CVE-2020-6950
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943
- https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24
- https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741
- https://github.com/eclipse-ee4j/mojarra/issues/4571
- https://github.com/javaserverfaces/mojarra/issues/4364
- https://access.redhat.com/security/cve/CVE-2020-7226
- https://www.cve.org/CVERecord?id=CVE-2020-7226
- https://nvd.nist.gov/vuln/detail/CVE-2020-7226
- https://access.redhat.com/security/cve/CVE-2020-8840
- https://www.cve.org/CVERecord?id=CVE-2020-8840
- https://nvd.nist.gov/vuln/detail/CVE-2020-8840
- https://access.redhat.com/security/cve/CVE-2020-9546
- https://www.cve.org/CVERecord?id=CVE-2020-9546
- https://nvd.nist.gov/vuln/detail/CVE-2020-9546
- https://access.redhat.com/security/cve/CVE-2020-9547
- https://www.cve.org/CVERecord?id=CVE-2020-9547
- https://nvd.nist.gov/vuln/detail/CVE-2020-9547
- https://access.redhat.com/security/cve/CVE-2020-9548
- https://www.cve.org/CVERecord?id=CVE-2020-9548
- https://nvd.nist.gov/vuln/detail/CVE-2020-9548
- https://access.redhat.com/security/cve/CVE-2020-10688
- https://www.cve.org/CVERecord?id=CVE-2020-10688
- https://nvd.nist.gov/vuln/detail/CVE-2020-10688
- https://github.com/quarkusio/quarkus/issues/7248
- https://issues.redhat.com/browse/RESTEASY-2519
- https://access.redhat.com/security/cve/CVE-2020-10705
- https://bugzilla.redhat.com/show_bug.cgi?id=1803241
- https://www.cve.org/CVERecord?id=CVE-2020-10705
- https://nvd.nist.gov/vuln/detail/CVE-2020-10705
- https://access.redhat.com/security/cve/CVE-2020-10719
- https://www.cve.org/CVERecord?id=CVE-2020-10719
- https://nvd.nist.gov/vuln/detail/CVE-2020-10719