(RHSA-2016:1428) Important: Red Hat JBoss BRMS 6.3.1 security and bug fix update

2016-07-14T21:46:41
ID RHSA-2016:1428
Type redhat
Reporter RedHat
Modified 2019-02-20T17:28:24

Description

Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules.

Security Fix(es):

  • A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter. (CVE-2016-4999)

This issue was discovered by David Gutierrez (Red Hat).