Lucene search
RedHatRHSA-2016:2937HistoryDec 08, 2016 - 7:51 p.m.
(RHSA-2016:2937) Moderate: Red Hat JBoss BPM Suite security update
2016-12-0819:51:45
access.redhat.com
14
EPSS
0.002
Percentile
57.6%
This release of Red Hat JBoss BPM Suite 6.3.4 serves as a replacement for Red Hat JBoss BPM Suite 6.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes of the patch linked to in the References section.
Security Fix(es):
- Drools Workbench contains the path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host. (CVE-2016-7041)
Red Hat would like to thank Jonas Bauters (NVISO) for reporting this issue.
Related
cve
cve
CVE-2016-7041
2018-09-10 16:29:00
prion
prion
Path traversal
2018-09-10 16:29:00
nvd
nvd
CVE-2016-7041
2018-09-10 16:29:00
redhat
redhat
(RHSA-2016:2938) Moderate: Red Hat JBoss BRMS security update
2016-12-08 19:51:56
(RHSA-2016:2823) Moderate: Red Hat JBoss BRMS security update
2016-11-28 17:47:01
(RHSA-2016:2822) Moderate: Red Hat JBoss BPM Suite security update
2016-11-28 17:46:38
cvelist
cvelist
CVE-2016-7041
2018-09-10 16:00:00
redhatcve
redhatcve
CVE-2016-7041
2016-11-28 17:47:20