Lucene search
RedHatRHSA-2018:1609HistoryMay 17, 2018 - 6:15 p.m.
(RHSA-2018:1609) Important: Red Hat JBoss Enterprise Application Platform security update
2018-05-1718:15:39
access.redhat.com
74
0.001 Low
EPSS
Percentile
26.9%
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
Security Fix(es):
-
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation (CVE-2016-8656)
-
jboss: jbossas writable config files allow privilege escalation (CVE-2016-8657)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | noarch | jbossas-messaging | < 5.2.0-23.ep5.el5 | jbossas-messaging-5.2.0-23.ep5.el5.noarch.rpm |
| RedHat | 6 | noarch | jbossas | < 5.2.0-23.ep5.el6 | jbossas-5.2.0-23.ep5.el6.noarch.rpm |
| RedHat | 6 | noarch | jbossas-messaging | < 5.2.0-23.ep5.el6 | jbossas-messaging-5.2.0-23.ep5.el6.noarch.rpm |
| RedHat | 5 | noarch | jbossas-client | < 5.2.0-23.ep5.el5 | jbossas-client-5.2.0-23.ep5.el5.noarch.rpm |
| RedHat | 6 | noarch | jbossas-client | < 5.2.0-23.ep5.el6 | jbossas-client-5.2.0-23.ep5.el6.noarch.rpm |
| RedHat | 5 | noarch | jbossas-ws-native | < 5.2.0-23.ep5.el5 | jbossas-ws-native-5.2.0-23.ep5.el5.noarch.rpm |
| RedHat | 6 | noarch | jbossas-ws-native | < 5.2.0-23.ep5.el6 | jbossas-ws-native-5.2.0-23.ep5.el6.noarch.rpm |
| RedHat | 5 | noarch | jbossas | < 5.2.0-23.ep5.el5 | jbossas-5.2.0-23.ep5.el5.noarch.rpm |
Related
nessus
nessus
RHEL 5 / 6 : Red Hat JBoss Enterprise Application Platform (RHSA-2018:1609)
2018-05-23 00:00:00
RHEL 6 / 7 : JBoss EAP (RHSA-2017:0834)
2018-09-04 00:00:00
RHEL 7 : JBoss EAP (RHSA-2017:0832)
2018-09-04 00:00:00
veracode
veracode
Privilege Escalation
2019-05-02 05:52:13
Privilege Escalation
2019-01-15 09:16:39
prion
prion
Design/Logic Flaw
2018-07-31 19:29:00
Design/Logic Flaw
2018-05-22 17:29:00
Privilege escalation
2018-01-10 19:29:00
cve
cve
cvelist
cvelist
nvd
nvd
redhat
redhat
(RHSA-2017:0831) Important: JBoss Enterprise Application Platform 7.0.5 on RHEL 6
2017-03-22 17:40:06
(RHSA-2017:0834) Important: jboss-ec2-eap package for EAP 7.0.5
2017-03-22 17:55:27
redhatcve
redhatcve
CVE-2017-12189
2020-03-31 08:10:28
CVE-2016-8657
2016-12-01 09:17:27