Lucene search

[email protected]CVE-2016-7046

HistoryOct 03, 2016 - 9:59 p.m.

CVE-2016-7046

2016-10-0321:59:07

CWE-399

[email protected]

web.nvd.nist.gov

red hat

jboss

eap

denial of service

cve-2016-7046

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

0.039 Low

EPSS

Percentile

92.0%

JSON

Red Hat JBoss Enterprise Application Platform (EAP) 7, when operating as a reverse-proxy with default buffer sizes, allows remote attackers to cause a denial of service (CPU and disk consumption) via a long URL.

Affected configurations

NVD

Node

redhatjboss_enterprise_application_platformMatch7.0

CPENameOperatorVersion
redhat:jboss_enterprise_application_platformredhat jboss enterprise application platformeq7.0

CPE	Name	Operator	Version
redhat:jboss_enterprise_application_platform	redhat jboss enterprise application platform	eq	7.0

References

rhn.redhat.com/errata/RHSA-2016-2640.html

rhn.redhat.com/errata/RHSA-2016-2641.html

rhn.redhat.com/errata/RHSA-2016-2642.html

rhn.redhat.com/errata/RHSA-2016-2657.html

www.securityfocus.com/bid/93173

access.redhat.com/errata/RHSA-2017:3454

access.redhat.com/errata/RHSA-2017:3455

access.redhat.com/errata/RHSA-2017:3456

access.redhat.com/errata/RHSA-2017:3458

bugzilla.redhat.com/show_bug.cgi?id=1376646

Social References

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

0.039 Low

EPSS

Percentile

92.0%

JSON

Related for CVE-2016-7046

redhat8 nessus6 osv1 prion1 ubuntucve1 nvd1 debiancve1 github1 cvelist1 veracode1