Lucene search
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2022-1296.NASLHistoryApr 12, 2022 - 12:00 a.m.
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.4 (RHSA-2022:1296)
2022-04-1200:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
68
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1296 advisory.
-
log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
-
log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
-
log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
-
log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
-
log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
-
log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
-
log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2022:1296. The text
# itself is copyright (C) Red Hat, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(159653);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/01");
script_cve_id(
"CVE-2021-4104",
"CVE-2021-44832",
"CVE-2021-45046",
"CVE-2021-45105",
"CVE-2022-23302",
"CVE-2022-23305",
"CVE-2022-23307"
);
script_xref(name:"RHSA", value:"2022:1296");
script_xref(name:"IAVA", value:"2021-A-0573");
script_xref(name:"IAVA", value:"2022-A-0029");
script_xref(name:"IAVA", value:"2022-A-0060");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/05/22");
script_name(english:"RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.4 (RHSA-2022:1296)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2022:1296 advisory.
- log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender
(CVE-2021-4104)
- log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
- log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete
fix for CVE-2021-44228) (CVE-2021-45046)
- log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and
context lookup pattern (CVE-2021-45105)
- log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
- log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
- log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2021-4104");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2021-44832");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2021-45046");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2021-45105");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-23302");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-23305");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2022-23307");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2022:1296");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/2031667");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/2032580");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/2034067");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/2035951");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/2041949");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/2041959");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/2041967");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-23307");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-23305");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_cwe_id(20, 89, 400, 502, 674);
script_set_attribute(attribute:"vuln_publication_date", value:"2021/12/10");
script_set_attribute(attribute:"patch_publication_date", value:"2022/04/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/04/12");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-ecj");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-component-annotations");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-log4j");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-objectweb-asm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-undertow");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-el7-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-xom");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-yasson");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel/server/7/7Server/x86_64/jbeap/7.4/debug',
'content/dist/rhel/server/7/7Server/x86_64/jbeap/7.4/os',
'content/dist/rhel/server/7/7Server/x86_64/jbeap/7.4/source/SRPMS'
],
'pkgs': [
{'reference':'eap7-activemq-artemis-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-cli-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-commons-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-core-client-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-dto-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-hornetq-protocol-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-hqclient-protocol-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-jdbc-store-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-jms-client-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-jms-server-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-journal-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-ra-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-selector-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-server-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-service-extensions-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-activemq-artemis-tools-2.16.0-7.redhat_00034.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-ecj-3.26.0-1.redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'eap7-jboss'},
{'reference':'eap7-hal-console-3.3.9-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-hibernate-5.3.25-1.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-hibernate-core-5.3.25-1.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-hibernate-entitymanager-5.3.25-1.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-hibernate-envers-5.3.25-1.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-hibernate-java8-5.3.25-1.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-cachestore-jdbc-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-cachestore-remote-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-client-hotrod-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-commons-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-component-annotations-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-core-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-hibernate-cache-commons-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-hibernate-cache-spi-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-infinispan-hibernate-cache-v53-11.0.15-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-jboss-server-migration-1.10.0-15.Final_redhat_00014.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-jboss-server-migration-cli-1.10.0-15.Final_redhat_00014.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-jboss-server-migration-core-1.10.0-15.Final_redhat_00014.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-jboss-vfs-3.2.16-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-jboss-xnio-base-3.8.6-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-jbossws-cxf-5.4.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-log4j-2.17.1-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-compensations-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-jbosstxbridge-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-jbossxts-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-jts-idlj-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-jts-integration-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-restat-api-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-restat-bridge-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-restat-integration-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-restat-util-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-narayana-txframework-5.11.4-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-objectweb-asm-9.1.0-1.redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-undertow-2.2.16-1.Final_redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-7.4.4-3.GA_redhat_00011.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-elytron-1.15.11-1.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-elytron-tool-1.15.11-1.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-java-jdk11-7.4.4-3.GA_redhat_00011.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-java-jdk8-7.4.4-3.GA_redhat_00011.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-javadocs-7.4.4-3.GA_redhat_00011.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-modules-7.4.4-3.GA_redhat_00011.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-openssl-2.2.0-3.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-openssl-el7-x86_64-2.2.0-2.Final_redhat_00002.1.el7eap', 'cpu':'x86_64', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-wildfly-openssl-java-2.2.0-3.Final_redhat_00002.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-xom-1.3.7-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'},
{'reference':'eap7-yasson-1.0.10-1.redhat_00001.1.el7eap', 'release':'7', 'el_string':'el7eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get() + redhat_report_package_caveat();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-activemq-artemis / eap7-activemq-artemis-cli / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | 7 | cpe:/o:redhat:enterprise_linux:7 |
| redhat | enterprise_linux | eap7-activemq-artemis | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis |
| redhat | enterprise_linux | eap7-activemq-artemis-cli | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli |
| redhat | enterprise_linux | eap7-activemq-artemis-commons | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons |
| redhat | enterprise_linux | eap7-activemq-artemis-core-client | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client |
| redhat | enterprise_linux | eap7-activemq-artemis-dto | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto |
| redhat | enterprise_linux | eap7-activemq-artemis-hornetq-protocol | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol |
| redhat | enterprise_linux | eap7-activemq-artemis-hqclient-protocol | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol |
| redhat | enterprise_linux | eap7-activemq-artemis-jdbc-store | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store |
| redhat | enterprise_linux | eap7-activemq-artemis-jms-client | p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23302
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23305
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23307
access.redhat.com/errata/RHSA-2022:1296
access.redhat.com/security/cve/CVE-2021-4104
access.redhat.com/security/cve/CVE-2021-44832
access.redhat.com/security/cve/CVE-2021-45046
access.redhat.com/security/cve/CVE-2021-45105
access.redhat.com/security/cve/CVE-2022-23302
access.redhat.com/security/cve/CVE-2022-23305
access.redhat.com/security/cve/CVE-2022-23307
bugzilla.redhat.com/2031667
bugzilla.redhat.com/2032580
bugzilla.redhat.com/2034067
bugzilla.redhat.com/2035951
bugzilla.redhat.com/2041949
bugzilla.redhat.com/2041959
bugzilla.redhat.com/2041967
Related
nessus
nessus
RHEL 8 : RHV Manager (ovirt-engine) security update [ovirt-4.4.10-1] (Low) (RHSA-2022:0475)
2022-02-09 00:00:00
RHEL 8 : parfait:0.5 (RHSA-2022:0290)
2022-02-11 00:00:00
redhat
redhat
f5
f5
K34002344 : Overview of Log4j vulnerabilities (2021 and 2022)
2022-02-01 00:00:00
ibm
ibm
arista
arista
Security Advisory 0070
2022-05-20 00:00:00
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Apache Log4J
2021-12-13 07:24:02
Exploit for Deserialization of Untrusted Data in Apache Log4J
2021-12-13 07:24:02
Exploit for Deserialization of Untrusted Data in Apache Log4J
2021-12-13 07:24:02
qualysblog
qualysblog
Is Your Web Application Exploitable By Log4Shell Vulnerability?
2021-12-15 17:06:36
New Options Profiles for Log4Shell Detection
2021-12-20 17:33:11
CVE-2021-44228: Apache Log4j2 Zero-Day Exploited in the Wild (Log4Shell)
2021-12-10 19:30:11
thn
thn
New Apache Log4j Update Released to Patch Newly Discovered Vulnerability
2021-12-29 04:59:00
Microsoft Warns of Continued Attacks Exploiting Apache Log4j Vulnerabilities
2022-01-05 05:12:00
New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability
2021-12-18 12:18:00
rapid7blog
rapid7blog
Widespread Exploitation of Critical Remote Code Execution in Apache Log4j
2021-12-10 15:30:00
oraclelinux
oraclelinux
parfait:0.5 security update
2022-01-27 00:00:00
log4j security update
2022-02-08 00:00:00
osv
osv
apache-log4j1.2 - security update
2022-01-31 00:00:00
Important: parfait:0.5 security update
2022-01-26 14:27:19
Important: parfait:0.5 security update
2022-01-26 14:27:19
suse
suse
Security update for kafka (important)
2022-02-16 00:00:00
Security update for log4j (important)
2022-01-27 00:00:00
Security update for log4j12 (important)
2022-01-28 00:00:00
debian
debian
[SECURITY] [DLA 2905-1] apache-log4j1.2 security update
2022-01-31 14:24:44
rocky
rocky
parfait:0.5 security update
2022-01-26 14:27:19
almalinux
almalinux
Important: parfait:0.5 security update
2022-01-26 14:27:19
paloalto
paloalto
citrix
citrix
github
github
GitHub’s response to Log4j vulnerability CVE-2021-44228
2021-12-13 19:06:34
Security Advisory for "Log4Shell"
2022-01-21 23:25:04
cisco
cisco
checkpoint_security
checkpoint_security
Check Point's response to Apache Log4j Remote Code Execution
2021-12-10 11:28:03
centos
centos
log4j security update
2022-02-07 16:47:44
amazon
amazon
Important: log4j
2023-03-30 22:50:00
Important: log4j
2022-02-15 22:54:00
atlassian
atlassian
Crowd: Multiple vulnerabilities in log4j < 1.2.7-atlassian-16
2022-05-18 08:53:01
Jira: Multiple vulnerabilities in log4j < 1.2.17-atlassian-16
2022-06-06 12:49:38
hivepro
hivepro
mageia
mageia
Updated davmail packages fix security vulnerability
2023-04-15 22:03:44
securelist
securelist
Answering Log4Shell-related questions
2021-12-20 15:45:30
avleonov
avleonov
Log4j “Log4Shell” RCE explained (CVE-2021-44228)
2021-12-26 22:07:17
fedora
fedora
[SECURITY] Fedora 34 Update: log4j-2.17.0-1.fc34
2021-12-27 00:56:30
[SECURITY] Fedora 35 Update: log4j-2.17.0-1.fc35
2021-12-27 00:41:40
Related for REDHAT-RHSA-2022-1296.NASL