(RHSA-2017:2546) Important: Red Hat JBoss BPM Suite 6.4.5 security update

2017-08-29T19:31:56

Description

Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.4.5 serves as a replacement for Red Hat JBoss BPM Suite 6.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525) * A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970) * An XXE vulnerability was found in Apache Batik which could allow a remote attacker to retrieve the files on the vulnerable server's filesystem by uploading specially crafted SVG images. The vulnerability could also allow a denial of service condition by performing an amplification attack. (CVE-2017-5662) Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.

{"id": "RHSA-2017:2546", "vendorId": null, "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2017:2546) Important: Red Hat JBoss BPM Suite 6.4.5 security update", "description": "Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes.\n\nThis release of Red Hat JBoss BPM Suite 6.4.5 serves as a replacement for Red Hat JBoss BPM Suite 6.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* An XXE vulnerability was found in Apache Batik which could allow a remote attacker to retrieve the files on the vulnerable server's filesystem by uploading specially crafted SVG images. The vulnerability could also allow a denial of service condition by performing an amplification attack. (CVE-2017-5662)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "published": "2017-08-29T19:31:56", "modified": "2017-08-29T19:32:41", "epss": [{"cve": "CVE-2014-9970", "epss": 0.00444, "percentile": 0.71231, "modified": "2023-05-25"}, {"cve": "CVE-2017-5662", "epss": 0.002, "percentile": 0.56452, "modified": "2023-05-25"}, {"cve": "CVE-2017-7525", "epss": 0.77666, "percentile": 0.9773, "modified": "2023-05-25"}], "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.9}, "severity": "HIGH", "exploitabilityScore": 6.8, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://access.redhat.com/errata/RHSA-2017:2546", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2014-9970", "CVE-2017-5662", "CVE-2017-7525"], "immutableFields": [], "lastseen": "2023-05-26T12:21:19", "viewCount": 19, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2018-2159"]}, {"type": "cve", "idList": ["CVE-2014-9970", "CVE-2017-15095", "CVE-2017-17485", "CVE-2017-5662", "CVE-2017-7525", "CVE-2018-5968", "CVE-2018-7489", "CVE-2019-10202"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2091-1:A9C2E", "DEBIAN:DLA-2342-1:7AEB4", "DEBIAN:DLA-926-1:27AC0", "DEBIAN:DSA-4004-1:17FA8", "DEBIAN:DSA-4004-1:F9730", "DEBIAN:DSA-4037-1:25D25", "DEBIAN:DSA-4037-1:C6592", "DEBIAN:DSA-4190-1:21588", "DEBIAN:DSA-4190-1:7ADD0", "DEBIAN:DSA-4215-1:131D7", "DEBIAN:DSA-4215-1:4B480"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-9970", "DEBIANCVE:CVE-2017-15095", "DEBIANCVE:CVE-2017-17485", "DEBIANCVE:CVE-2017-5662", "DEBIANCVE:CVE-2017-7525", "DEBIANCVE:CVE-2018-5968", "DEBIANCVE:CVE-2018-7489"]}, {"type": "f5", "idList": ["F5:K65417229"]}, {"type": "fedora", "idList": ["FEDORA:197B860617F0", "FEDORA:613766079706", "FEDORA:9B33E60E86E5", "FEDORA:B9464608783A", "FEDORA:BC771622EB72", "FEDORA:CCD696079D01", "FEDORA:D17F86077DFD", "FEDORA:D74C160C9AD0", "FEDORA:D7E1E60C4225", "FEDORA:D8DAB61DD062"]}, {"type": "freebsd", "idList": ["93F8E0FF-F33D-11E8-BE46-0019DBB15B3F"]}, {"type": "github", "idList": ["GHSA-C27H-MCMW-48HV", "GHSA-CGGJ-FVV3-CQWV", "GHSA-H592-38CM-4GGP", "GHSA-QWGX-59JW-QFG9", "GHSA-QXXX-2PP7-5HMX", "GHSA-R5C2-RXH2-F5H2", "GHSA-RFX6-VP9G-RH7V", "GHSA-W3F4-3Q6J-RH82"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20180228-01-STRUTS"]}, {"type": "ibm", "idList": ["0ACDC7CDDEE06F34F2256DD048A556D53156ACF793ADBE3C9ED53FEEE712EF49", "11AC7F14B60A5C486180C6662F02676A29D51924B42EC510A55CFB87D09F8654", "147A4A45B7F74A2460AB0B30F03465821EDE2901DCB6027BFF8FD700A46C6ED2", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "366CE799D9AEE4234CE4D38A22D774A769300127F0319D9238DAEC27C48436E1", "437063148C0599A3C3F1CECB075FB83EAFC46606410F01E39088624674767E08", "47B8DD30E1DAA082C05A1D60F4C6C018A4FE6741AFA0C39A3672352DDBEBEC9F", "4CC8B98F4ED9C725505EC4B5E1489B4CB39C09C7F45C9B5BFCFB09D329EEEC7A", "506E8C92E0B76D834A33E4AE02E5206A0ABF28570630F6E4A780D13A5238D647", "58759DAA2FBDDE363804C8668CBC2A6A8DFDD8F614B368BF40061CF9DE918FF6", "5E1A81920E6A1A1EE7EBA39E8D98B9A3EBC541A4AA719610D4E288278B7C2CC7", "61FF6F10F0D76277F85A8A525D2C9989283AB04F3D830BEC0894CE78DF0624A3", "654F3603785F612FCB89C4655C367EC60F72994A083FCDAAF1A7F63C68137F21", "66886B86D22AD162D05F9B987C32085ED4A1AA2754E87D356E718DE087B7313A", "6BE8692D3822CA78B4646C336839C76002B91C314A2131C842F23F12148509D9", "765EE754DDB2AFC25A4F81B453619E8DE782835F4B2ACED4DF8CE43B5D4C10B8", "7CD76102AB6BC7575AE0FC31DF4EFC5F5C1D5540091DFEFF03725F29385E3537", "8ECA6222D3C238F29A31FEE8DEAFD26C737F2975DCA8D95684CFF7F79AA0F358", "989BF293C7092FFD11AA33DF268D74DDF2FE740CEF8C6C7B0A84E8A14F4D2E5F", "A04FE2EEFC21C3A9305B1CF7463C731D28C17EB5521A8E54F5F564939C5E91E2", "CD8271F1E3A620207AA3EAC35F944E1453EFEBC4728A88B9C3D9D0DA7F511F56", "DB5D4D065C0F261805DE8CAED872298523533EEBF7999AB216A1D9F951C28DC5", "DD7E796DC101D56D3818D53295F88146B9FC7EE7058C596477B1B5AFCE363B74", "E8785330052719CAFEAAD58D08CA6A5AC216720B2ADB457FB5C017CF4DA084A7", "EBBA69401956060B98C4FDDE1CDAAA10D09B28A527F8C5C2F8D2998B16B675C4", "F2BC67EAFE3FB2B6D727749BE51CA6E2C0B10F71672B140D5EFF2E7D2355E378", "F5E5847B8D011EB775851B25E8101976C75D1C44D438BA4EE24D0DEFCE641B4A", "FF8DB78F22CB24A549324F1BD88656C5EF156F945EC890C85CED4CCF556C4237"]}, {"type": "mageia", "idList": ["MGASA-2017-0255", "MGASA-2017-0408"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2091.NASL", "DEBIAN_DLA-2342.NASL", "DEBIAN_DLA-926.NASL", "DEBIAN_DSA-4004.NASL", "DEBIAN_DSA-4037.NASL", "DEBIAN_DSA-4190.NASL", "DEBIAN_DSA-4215.NASL", "FEDORA_2017-43B46CD2DA.NASL", "FEDORA_2017-6A75C816FA.NASL", "FEDORA_2017-7A5F625013.NASL", "FEDORA_2017-8DF9EFED5F.NASL", "FEDORA_2017-AFF3DD3101.NASL", "FEDORA_2017-F452765E1E.NASL", "FREEBSD_PKG_93F8E0FFF33D11E8BE460019DBB15B3F.NASL", "JFROG_ARTIFACTORY_6_1.NASL", "JFROG_ARTIFACTORY_7_8_1.NASL", "ORACLE_BI_PUBLISHER_APR_2018_CPU.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2018.NASL", "REDHAT-RHSA-2017-1834.NASL", "REDHAT-RHSA-2017-1835.NASL", "REDHAT-RHSA-2017-1837.NASL", "REDHAT-RHSA-2017-2635.NASL", "REDHAT-RHSA-2017-2636.NASL", "REDHAT-RHSA-2017-2637.NASL", "REDHAT-RHSA-2017-2638.NASL", "REDHAT-RHSA-2017-2808.NASL", "REDHAT-RHSA-2017-2809.NASL", "REDHAT-RHSA-2017-2811.NASL", "REDHAT-RHSA-2017-2904.NASL", "REDHAT-RHSA-2017-2905.NASL", "REDHAT-RHSA-2017-3141.NASL", "REDHAT-RHSA-2017-3189.NASL", "REDHAT-RHSA-2017-3454.NASL", "REDHAT-RHSA-2017-3455.NASL", "REDHAT-RHSA-2017-3458.NASL", "REDHAT-RHSA-2018-0116.NASL", "REDHAT-RHSA-2018-0342.NASL", "REDHAT-RHSA-2018-0479.NASL", "REDHAT-RHSA-2018-0480.NASL", "REDHAT-RHSA-2018-0481.NASL", "REDHAT-RHSA-2018-1448.NASL", "REDHAT-RHSA-2018-1449.NASL", "REDHAT-RHSA-2018-1451.NASL", "REDHAT-RHSA-2018-1525.NASL", "REDHAT-RHSA-2018-2089.NASL", "REDHAT-RHSA-2018-2090.NASL", "REDHAT-RHSA-2018-2927.NASL", "STRUTS_2_5_14_1.NASL", "UBUNTU_USN-3280-1.NASL", "UBUNTU_USN-4741-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107824", "OPENVAS:1361412562310704004", "OPENVAS:1361412562310704037", "OPENVAS:1361412562310704190", "OPENVAS:1361412562310704215", "OPENVAS:1361412562310812320", "OPENVAS:1361412562310812321", "OPENVAS:1361412562310843154", "OPENVAS:1361412562310872653", "OPENVAS:1361412562310872657", "OPENVAS:1361412562310873202", "OPENVAS:1361412562310873247", "OPENVAS:1361412562310873261", "OPENVAS:1361412562310873673", "OPENVAS:1361412562310873728", "OPENVAS:1361412562310874108", "OPENVAS:1361412562310874109", "OPENVAS:1361412562310890926", "OPENVAS:1361412562310892091"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2018", "ORACLE:CPUAPR2019", "ORACLE:CPUJAN2019", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2019", "ORACLE:CPUOCT2017", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2020"]}, {"type": "osv", "idList": ["OSV:DLA-2091-1", "OSV:DLA-2342-1", "OSV:DLA-926-1", "OSV:DSA-4004-1", "OSV:DSA-4037-1", "OSV:DSA-4190-1", "OSV:DSA-4215-1", "OSV:GHSA-C27H-MCMW-48HV", "OSV:GHSA-CGGJ-FVV3-CQWV", "OSV:GHSA-H592-38CM-4GGP", "OSV:GHSA-QWGX-59JW-QFG9", "OSV:GHSA-QXXX-2PP7-5HMX", "OSV:GHSA-R5C2-RXH2-F5H2", "OSV:GHSA-RFX6-VP9G-RH7V", "OSV:GHSA-W3F4-3Q6J-RH82"]}, {"type": "redhat", "idList": ["RHSA-2017:1834", "RHSA-2017:1835", "RHSA-2017:1836", "RHSA-2017:1837", "RHSA-2017:1839", "RHSA-2017:1840", "RHSA-2017:2477", "RHSA-2017:2547", "RHSA-2017:2633", "RHSA-2017:2635", "RHSA-2017:2636", "RHSA-2017:2637", "RHSA-2017:2638", "RHSA-2017:2808", "RHSA-2017:2809", "RHSA-2017:2810", "RHSA-2017:2811", "RHSA-2017:2904", "RHSA-2017:2905", "RHSA-2017:2906", "RHSA-2017:3141", "RHSA-2017:3189", "RHSA-2017:3190", "RHSA-2017:3454", "RHSA-2017:3455", "RHSA-2017:3456", "RHSA-2017:3458", "RHSA-2018:0116", "RHSA-2018:0294", "RHSA-2018:0319", "RHSA-2018:0342", "RHSA-2018:0478", "RHSA-2018:0479", "RHSA-2018:0480", "RHSA-2018:0481", "RHSA-2018:0576", "RHSA-2018:0577", "RHSA-2018:1447", "RHSA-2018:1448", "RHSA-2018:1449", "RHSA-2018:1450", "RHSA-2018:1451", "RHSA-2018:1525", "RHSA-2018:1786", "RHSA-2018:2088", "RHSA-2018:2089", "RHSA-2018:2090", "RHSA-2018:2927", "RHSA-2018:2938", "RHSA-2018:2939", "RHSA-2019:0910", "RHSA-2019:2858", "RHSA-2019:3149", "RHSA-2019:3892", "RHSA-2020:2562"]}, {"type": "redhatcve", "idList": ["RH:CVE-2014-9970", "RH:CVE-2017-15095", "RH:CVE-2017-17485", "RH:CVE-2017-7525", "RH:CVE-2018-5968", "RH:CVE-2018-7489", "RH:CVE-2019-10202"]}, {"type": "seebug", "idList": ["SSV:92962", "SSV:96913", "SSV:97076"]}, {"type": "ubuntu", "idList": ["USN-3280-1", "USN-4741-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-9970", "UB:CVE-2017-15095", "UB:CVE-2017-17485", "UB:CVE-2017-5662", "UB:CVE-2017-7525", "UB:CVE-2018-5968", "UB:CVE-2018-7489"]}, {"type": "veracode", "idList": ["VERACODE:12540", "VERACODE:12598", "VERACODE:12634", "VERACODE:12693", "VERACODE:3925", "VERACODE:3929", "VERACODE:4267", "VERACODE:5364", "VERACODE:5684", "VERACODE:5732", "VERACODE:5854", "VERACODE:8090", "VERACODE:8091", "VERACODE:8093", "VERACODE:8105"]}, {"type": "zdt", "idList": ["1337DAY-ID-29102"]}]}, "score": {"value": 9.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2017-5662", "CVE-2017-7525"]}, {"type": "debian", "idList": ["DEBIAN:DLA-926-1:27AC0", "DEBIAN:DSA-4004-1:17FA8", "DEBIAN:DSA-4037-1:25D25", "DEBIAN:DSA-4190-1:7ADD0", "DEBIAN:DSA-4215-1:4B480"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-5662"]}, {"type": "f5", "idList": ["F5:K65417229"]}, {"type": "fedora", "idList": ["FEDORA:197B860617F0", "FEDORA:613766079706", "FEDORA:9B33E60E86E5", "FEDORA:B9464608783A", "FEDORA:BC771622EB72", "FEDORA:CCD696079D01", "FEDORA:D17F86077DFD", "FEDORA:D74C160C9AD0", "FEDORA:D7E1E60C4225", "FEDORA:D8DAB61DD062"]}, {"type": "freebsd", "idList": ["93F8E0FF-F33D-11E8-BE46-0019DBB15B3F"]}, {"type": "github", "idList": ["GHSA-QXXX-2PP7-5HMX"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20180228-01-STRUTS"]}, {"type": "ibm", "idList": ["147A4A45B7F74A2460AB0B30F03465821EDE2901DCB6027BFF8FD700A46C6ED2", "6BE8692D3822CA78B4646C336839C76002B91C314A2131C842F23F12148509D9", "DD7E796DC101D56D3818D53295F88146B9FC7EE7058C596477B1B5AFCE363B74"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/DEBIAN-CVE-2018-7489/", "MSF:ILITIES/FREEBSD-CVE-2018-7489/", "MSF:ILITIES/ORACLE-WEBLOGIC-CVE-2018-7489/", "MSF:ILITIES/REDHAT-OPENSHIFT-CVE-2018-5968/", "MSF:ILITIES/REDHAT-OPENSHIFT-CVE-2018-7489/", "MSF:ILITIES/RED_HAT-JBOSS_EAP-CVE-2018-7489/", "MSF:ILITIES/RED_HAT-JBOSS_EAP-CVE-2019-10202/"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-926.NASL", "FEDORA_2017-43B46CD2DA.NASL", "FEDORA_2017-7A5F625013.NASL", "FEDORA_2017-AFF3DD3101.NASL", "REDHAT_UPDATE_LEVEL.NASL", "STRUTS_2_5_14_1.NASL", "UBUNTU_USN-3280-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310812320", "OPENVAS:1361412562310812321", "OPENVAS:1361412562310843154", "OPENVAS:1361412562310872653", "OPENVAS:1361412562310872657", "OPENVAS:1361412562310873673", "OPENVAS:1361412562310873728", "OPENVAS:1361412562310874108", "OPENVAS:1361412562310874109"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2019"]}, {"type": "osv", "idList": ["OSV:GHSA-QXXX-2PP7-5HMX"]}, {"type": "redhat", "idList": ["RHSA-2017:2905"]}, {"type": "redhatcve", "idList": ["RH:CVE-2014-9970"]}, {"type": "seebug", "idList": ["SSV:92962", "SSV:96913"]}, {"type": "ubuntu", "idList": ["USN-3280-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-7525"]}, {"type": "zdt", "idList": ["1337DAY-ID-29102"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2014-9970", "epss": 0.00444, "percentile": 0.71104, "modified": "2023-05-08"}, {"cve": "CVE-2017-5662", "epss": 0.002, "percentile": 0.56335, "modified": "2023-05-08"}, {"cve": "CVE-2017-7525", "epss": 0.77666, "percentile": 0.97714, "modified": "2023-05-08"}], "vulnersScore": 9.3}, "_state": {"dependencies": 1685103890, "score": 1685104081, "epss": 0}, "_internal": {"score_hash": "3ce3c8a62a0f71e4a7358d3517668cc3"}, "affectedPackage": [], "vendorCvss": {"severity": "important"}}

{"redhat": [{"lastseen": "2023-05-26T12:21:19", "description": "Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules.\n\nThis release of Red Hat JBoss BRMS 6.4.5 serves as a replacement for Red Hat JBoss BRMS 6.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* An XXE vulnerability was found in Apache Batik which could allow a remote attacker to retrieve the files on the vulnerable server's filesystem by uploading specially crafted SVG images. The vulnerability could also allow a denial of service condition by performing an amplification attack. (CVE-2017-5662)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-29T19:32:06", "type": "redhat", "title": "(RHSA-2017:2547) Important: Red Hat JBoss BRMS 6.4.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2017-5662", "CVE-2017-7525"], "modified": "2017-08-29T19:32:41", "id": "RHSA-2017:2547", "href": "https://access.redhat.com/errata/RHSA-2017:2547", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2023-05-26T12:21:13", "description": "Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan.\n\nThis release of Red Hat JBoss Data Grid 7.1.2 serves as a replacement for Red Hat JBoss Data Grid 7.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* It was found that the Hotrod client in Infinispan would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks. (CVE-2017-15089)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525 and Man Yue Mo (Semmle/lgtm.com) for reporting CVE-2017-15089.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-12T17:18:53", "type": "redhat", "title": "(RHSA-2018:0294) Important: Red Hat JBoss Data Grid 7.1.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2017-15089", "CVE-2017-7525"], "modified": "2018-02-12T17:19:17", "id": "RHSA-2018:0294", "href": "https://access.redhat.com/errata/RHSA-2018:0294", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T12:21:19", "description": "The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal.\n\nThe following packages have been upgraded to a later upstream version: rhvm-appliance (20171019.0). (BZ#1496586)\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525. The CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-07T17:03:46", "type": "redhat", "title": "(RHSA-2017:3141) Important: rhvm-appliance security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2017-7525", "CVE-2017-7536"], "modified": "2018-03-19T12:29:45", "id": "RHSA-2017:3141", "href": "https://access.redhat.com/errata/RHSA-2017:3141", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-31T16:09:20", "type": "redhat", "title": "(RHSA-2017:1839) Important: rh-eclipse46-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2018-04-23T07:41:49", "id": "RHSA-2017:1839", "href": "https://access.redhat.com/errata/RHSA-2017:1839", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-31T16:09:44", "type": "redhat", "title": "(RHSA-2017:1840) Important: devtoolset-4-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2018-06-12T21:28:26", "id": "RHSA-2017:1840", "href": "https://access.redhat.com/errata/RHSA-2017:1840", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.7.\n\nRefer to the JBoss Enterprise Application Platform 7.0.7 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle user-supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-31T15:08:24", "type": "redhat", "title": "(RHSA-2017:1837) Important: eap7-jboss-ec2-eap security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4978", "CVE-2017-7525"], "modified": "2018-06-06T22:39:12", "id": "RHSA-2017:1837", "href": "https://access.redhat.com/errata/RHSA-2017:1837", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle user-supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-31T14:43:40", "type": "redhat", "title": "(RHSA-2017:1836) Important: Red Hat JBoss Enterprise Application Platform 7.0.7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4978", "CVE-2017-7525"], "modified": "2017-07-31T14:44:18", "id": "RHSA-2017:1836", "href": "https://access.redhat.com/errata/RHSA-2017:1836", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.6, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle user-supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-31T14:42:46", "type": "redhat", "title": "(RHSA-2017:1834) Important: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 6", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4978", "CVE-2017-7525"], "modified": "2018-06-06T22:39:12", "id": "RHSA-2017:1834", "href": "https://access.redhat.com/errata/RHSA-2017:1834", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.6, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle user-supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-31T14:43:11", "type": "redhat", "title": "(RHSA-2017:1835) Important: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4978", "CVE-2017-7525"], "modified": "2018-03-19T12:13:55", "id": "RHSA-2017:1835", "href": "https://access.redhat.com/errata/RHSA-2017:1835", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:16", "description": "Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes.\n\nThis release of Red Hat JBoss BPM Suite 6.4.9 serves as a replacement for Red Hat JBoss BPM Suite 6.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-03-22T08:09:42", "type": "redhat", "title": "(RHSA-2018:0577) Important: Red Hat JBoss BPM Suite 6.4.9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2018-03-22T08:09:59", "id": "RHSA-2018:0577", "href": "https://access.redhat.com/errata/RHSA-2018:0577", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:16", "description": "Red Hat Openshift Application Runtimes provides an application platform\nthat reduces the complexity of developing and operating applications\n(monoliths and microservices) for OpenShift as a containerized platform.\n\nThe RHOAR Eclipse Vert.x 3.5.1 release serves as a replacement for RHOAR Eclipse Vert.x 3.4.2, and includes bug fixes and enhancements. For a detailed list of issues resolved in the community Eclipse Vert.x 3.5.1 release, see the release notes in the References section.\n\nSecurity Fix(es):\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-04T11:15:04", "type": "redhat", "title": "(RHSA-2018:1786) Moderate: Red Hat OpenShift Application Runtimes security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2018-06-04T11:15:21", "id": "RHSA-2018:1786", "href": "https://access.redhat.com/errata/RHSA-2018:1786", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:16", "description": "Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules.\n\nThis release of Red Hat JBoss BRMS 6.4.9 serves as a replacement for Red Hat JBoss BRMS 6.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-03-22T08:08:09", "type": "redhat", "title": "(RHSA-2018:0576) Important: Red Hat JBoss BRMS 6.4.9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2018-03-22T08:08:28", "id": "RHSA-2018:0576", "href": "https://access.redhat.com/errata/RHSA-2018:0576", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously. (CVE-2017-15095)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-13T04:14:58", "type": "redhat", "title": "(RHSA-2017:3189) Important: rh-eclipse47-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2017-11-13T04:15:38", "id": "RHSA-2017:3189", "href": "https://access.redhat.com/errata/RHSA-2017:3189", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously. (CVE-2017-15095)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-13T04:15:22", "type": "redhat", "title": "(RHSA-2017:3190) Important: rh-eclipse46-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2018-04-23T07:41:48", "id": "RHSA-2017:3190", "href": "https://access.redhat.com/errata/RHSA-2017:3190", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T02:21:23", "description": "Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database.\n\nThis release of Red Hat JBoss Data Virtualization 6.3 Update 7 serves as a replacement for Red Hat JBoss Data Virtualization 6.3 Update 6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* A vulnerability was discovered in Apache Thrift client libraries that allows remote, authenticated attackers to cause an infinite recursion via vectors involving the skip function; resulting in a denial of service (DoS) condition. (CVE-2015-3254)\n\n* A denial of service vulnerability was discovered in ZooKeeper which allows an attacker to dramatically increase CPU utilization by abusing \"wchp/wchc\" commands, leading to the server being unable to serve legitimate requests. (CVE-2017-5637)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-15T15:01:06", "type": "redhat", "title": "(RHSA-2017:2477) Important: Red Hat JBoss Data Virtualization 6.3 Update 7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3254", "CVE-2017-5637", "CVE-2017-7525"], "modified": "2017-08-15T15:01:32", "id": "RHSA-2017:2477", "href": "https://access.redhat.com/errata/RHSA-2017:2477", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:16", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-27T14:46:20", "type": "redhat", "title": "(RHSA-2018:2090) Moderate: Red Hat JBoss Enterprise Application Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-1114", "CVE-2018-7489"], "modified": "2018-07-05T13:43:17", "id": "RHSA-2018:2090", "href": "https://access.redhat.com/errata/RHSA-2018:2090", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:16", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes. The Release Notes for JBoss Enterprise Application Platform can be found on the Product Documentation page, linked in References.\n\nSecurity Fix(es):\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe\nserialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-27T14:33:45", "type": "redhat", "title": "(RHSA-2018:2088) Moderate: Red Hat JBoss Enterprise Application Platform 7.1.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-1114", "CVE-2018-7489"], "modified": "2018-07-05T13:38:05", "id": "RHSA-2018:2088", "href": "https://access.redhat.com/errata/RHSA-2018:2088", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:16", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-27T14:46:17", "type": "redhat", "title": "(RHSA-2018:2089) Moderate: Red Hat JBoss Enterprise Application Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-1114", "CVE-2018-7489"], "modified": "2018-07-05T13:42:15", "id": "RHSA-2018:2089", "href": "https://access.redhat.com/errata/RHSA-2018:2089", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-05T14:32:51", "type": "redhat", "title": "(RHSA-2017:2636) Important: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525"], "modified": "2018-03-19T12:13:49", "id": "RHSA-2017:2636", "href": "https://access.redhat.com/errata/RHSA-2017:2636", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-05T14:32:26", "type": "redhat", "title": "(RHSA-2017:2635) Important: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 6", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525"], "modified": "2018-06-06T22:39:09", "id": "RHSA-2017:2635", "href": "https://access.redhat.com/errata/RHSA-2017:2635", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:16", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* Further classes that an attacker could use to achieve code execution through deserialisation were discovered, and added to the blacklist introduced by CVE-2017-7525. (CVE-2017-15095, CVE-2017-17485)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525 and CVE-2017-15095 and 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-22T08:56:45", "type": "redhat", "title": "(RHSA-2018:0342) Important: rh-maven35-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525"], "modified": "2018-04-26T07:21:22", "id": "RHSA-2018:0342", "href": "https://access.redhat.com/errata/RHSA-2018:0342", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously. (CVE-2017-17485)\n\nRed Hat would like to thank 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting this issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-23T05:27:26", "type": "redhat", "title": "(RHSA-2018:0116) Important: rh-eclipse46-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525"], "modified": "2018-04-23T07:41:50", "id": "RHSA-2018:0116", "href": "https://access.redhat.com/errata/RHSA-2018:0116", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-05T14:33:23", "type": "redhat", "title": "(RHSA-2017:2637) Important: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 5", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525"], "modified": "2017-09-05T14:47:00", "id": "RHSA-2017:2637", "href": "https://access.redhat.com/errata/RHSA-2017:2637", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:19:56", "description": "Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of RHOAR Thorntail 2.2.0 serves as a replacement for RHOAR WildFly Swarm 7.1.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* undertow: Path traversal in ServletResourceManager class (CVE-2018-1047)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-17T13:02:36", "type": "redhat", "title": "(RHSA-2018:2938) Moderate: Red Hat OpenShift Application Runtimes Thorntail 2.2.0 security & bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-1047", "CVE-2018-7489"], "modified": "2018-10-17T13:03:05", "id": "RHSA-2018:2938", "href": "https://access.redhat.com/errata/RHSA-2018:2938", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T12:21:19", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-26T17:22:47", "type": "redhat", "title": "(RHSA-2017:2808) Important: Red Hat JBoss Enterprise Application Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2015-6644", "CVE-2017-2582", "CVE-2017-5645", "CVE-2017-7536"], "modified": "2018-03-19T12:13:55", "id": "RHSA-2017:2808", "href": "https://access.redhat.com/errata/RHSA-2017:2808", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T12:21:19", "description": "Red Hat Single Sign-On 7.1 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. The Node.js adapter provides a simple module for authentication and authorization in Node.js applications.\n\nThis release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* It was found that keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server. (CVE-2017-12158)\n\n* It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. (CVE-2017-12159)\n\n* It was found that libpam4j did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information. (CVE-2017-12197)\n\n* It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself continued permissions and possibly conduct further attacks. (CVE-2017-12160)\n\nRed Hat would like to thank Mykhailo Stadnyk (Playtech) for reporting CVE-2017-12158; Prapti Mittal for reporting CVE-2017-12159; and Bart Toersche (Simacan) for reporting CVE-2017-12160. The CVE-2017-12197 issue was discovered by Christian Heimes (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-10-17T19:41:35", "type": "redhat", "title": "(RHSA-2017:2906) Moderate: Red Hat Single Sign-On security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2017-12158", "CVE-2017-12159", "CVE-2017-12160", "CVE-2017-12197"], "modified": "2018-01-10T20:16:15", "id": "RHSA-2017:2906", "href": "https://access.redhat.com/errata/RHSA-2017:2906", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T12:21:19", "description": "Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* It was found that keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server. (CVE-2017-12158)\n\n* It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. (CVE-2017-12159)\n\n* It was found that libpam4j did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information. (CVE-2017-12197)\n\n* It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself continued permissions and possibly conduct further attacks. (CVE-2017-12160)\n\nRed Hat would like to thank Mykhailo Stadnyk (Playtech) for reporting CVE-2017-12158; Prapti Mittal for reporting CVE-2017-12159; and Bart Toersche (Simacan) for reporting CVE-2017-12160. The CVE-2017-12197 issue was discovered by Christian Heimes (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-10-17T19:40:56", "type": "redhat", "title": "(RHSA-2017:2905) Moderate: rh-sso7-keycloak security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2017-12158", "CVE-2017-12159", "CVE-2017-12160", "CVE-2017-12197"], "modified": "2018-01-30T18:22:45", "id": "RHSA-2017:2905", "href": "https://access.redhat.com/errata/RHSA-2017:2905", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T12:21:19", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-26T17:22:51", "type": "redhat", "title": "(RHSA-2017:2809) Important: Red Hat JBoss Enterprise Application Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2015-6644", "CVE-2017-2582", "CVE-2017-5645", "CVE-2017-7536"], "modified": "2018-06-06T22:39:11", "id": "RHSA-2017:2809", "href": "https://access.redhat.com/errata/RHSA-2017:2809", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T12:21:19", "description": "Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* It was found that keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server. (CVE-2017-12158)\n\n* It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. (CVE-2017-12159)\n\n* It was found that libpam4j did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information. (CVE-2017-12197)\n\n* It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself continued permissions and possibly conduct further attacks. (CVE-2017-12160)\n\nRed Hat would like to thank Mykhailo Stadnyk (Playtech) for reporting CVE-2017-12158; Prapti Mittal for reporting CVE-2017-12159; and Bart Toersche (Simacan) for reporting CVE-2017-12160. The CVE-2017-12197 issue was discovered by Christian Heimes (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-10-17T19:40:36", "type": "redhat", "title": "(RHSA-2017:2904) Moderate: rh-sso7-keycloak security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2017-12158", "CVE-2017-12159", "CVE-2017-12160", "CVE-2017-12197"], "modified": "2018-01-30T18:22:34", "id": "RHSA-2017:2904", "href": "https://access.redhat.com/errata/RHSA-2017:2904", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-05T14:23:50", "type": "redhat", "title": "(RHSA-2017:2633) Important: Red Hat JBoss Enterprise Application Platform 6.4.17 update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525", "CVE-2019-17571"], "modified": "2019-12-26T04:42:43", "id": "RHSA-2017:2633", "href": "https://access.redhat.com/errata/RHSA-2017:2633", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-05T15:21:39", "type": "redhat", "title": "(RHSA-2017:2638) Important: jboss-ec2-eap security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525", "CVE-2019-17571"], "modified": "2019-12-26T04:30:01", "id": "RHSA-2017:2638", "href": "https://access.redhat.com/errata/RHSA-2017:2638", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:19:56", "description": "This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)\n\n* jetty: HTTP request smuggling (CVE-2017-7657)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-30T15:17:04", "type": "redhat", "title": "(RHSA-2019:0910) Important: Red Hat Fuse 7.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0112", "CVE-2017-7525", "CVE-2017-7657", "CVE-2019-0194"], "modified": "2019-10-22T15:20:42", "id": "RHSA-2019:0910", "href": "https://access.redhat.com/errata/RHSA-2019:0910", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:16", "description": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. \n\nRed Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* It was found that spring-ldap contains a security vulnerability that allows an attacker to authenticate with arbitrary password. When spring-ldap connected to some LDAP servers, and when no additional attributes are bound, and when using LDAP BindAuthenticator with org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy as the authentication strategy, and setting userSearch, authentication is allowed with an arbitrary password when the username is correct. (CVE-2017-8028)\n\n* It was found that a flaw in hawtio could cause remote code execution via file upload. An attacker could use this vulnerability to upload crafted file which could be executed on target machine where hawtio is deployed. (CVE-2017-2617)\n\n* It was found that Apache Camel contains a security vulnerability via camel-hessian component. An attacker can utilize this flaw to deserialize malicious object on the target machine which could lead to Remote Code Execution (RCE). (CVE-2017-12633)\n\n* It was found that Apache Camel contains a security vulnerability via camel-castor component. An attacker can utilize this flaw to deserialize malicious object on the target machine which could lead to Remote Code Execution (RCE). (CVE-2017-12634)\n\n* It was found that a flaw exists in Switchyard component via Apache Batick. If an attacker sends a maliciously crafted SVG formed file on the target machine, that uses batik, files lying on the file system could be revealed to the attacker, depending on the user context in which the exploitable application is running. This flaw can also be leveraged to attack the availability of the target machine via DoS. (CVE-2017-5662)\n\nThe CVE-2017-2617 issue was discovered by Hooman Broujerdi (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-14T19:27:14", "type": "redhat", "title": "(RHSA-2018:0319) Important: Red Hat JBoss Fuse/A-MQ 6.3 R6 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12633", "CVE-2017-12634", "CVE-2017-2617", "CVE-2017-5662", "CVE-2017-8028"], "modified": "2018-02-14T19:27:47", "id": "RHSA-2018:0319", "href": "https://access.redhat.com/errata/RHSA-2018:0319", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2023-05-26T12:21:19", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-26T16:46:55", "type": "redhat", "title": "(RHSA-2017:2810) Important: Red Hat JBoss Enterprise Application Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2015-6644", "CVE-2017-2582", "CVE-2017-5645", "CVE-2017-7536", "CVE-2019-17571"], "modified": "2019-12-26T04:41:40", "id": "RHSA-2017:2810", "href": "https://access.redhat.com/errata/RHSA-2017:2810", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T12:21:19", "description": "The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.8.\n\nRefer to the JBoss Enterprise Application Platform 7.0.8 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-26T18:58:39", "type": "redhat", "title": "(RHSA-2017:2811) Important: eap7-jboss-ec2-eap security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970", "CVE-2015-6644", "CVE-2017-2582", "CVE-2017-5645", "CVE-2017-7536", "CVE-2019-17571"], "modified": "2019-12-26T04:34:56", "id": "RHSA-2017:2811", "href": "https://access.redhat.com/errata/RHSA-2017:2811", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-18T14:21:01", "description": "An update for rhvm-appliance is now available for RHEV 4.X RHEV-H and Agents for RHEL-7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal.\n\nThe following packages have been upgraded to a later upstream version:\nrhvm-appliance (20171019.0). (BZ#1496586)\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525. The CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {}, "published": "2017-11-10T00:00:00", "type": "nessus", "title": "RHEL 7 : rhvm-appliance (RHSA-2017:3141)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9970", "CVE-2017-7525", "CVE-2017-7536"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhvm-appliance", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2017-3141.NASL", "href": "https://www.tenable.com/plugins/nessus/104493", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:3141. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104493);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2014-9970\", \"CVE-2017-7525\", \"CVE-2017-7536\");\n script_xref(name:\"RHSA\", value:\"2017:3141\");\n\n script_name(english:\"RHEL 7 : rhvm-appliance (RHSA-2017:3141)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for rhvm-appliance is now available for RHEV 4.X RHEV-H and\nAgents for RHEL-7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe RHV-M Virtual Appliance automates the process of installing and\nconfiguring the Red Hat Virtualization Manager. The appliance is\navailable to download as an OVA file from the Customer Portal.\n\nThe following packages have been upgraded to a later upstream version:\nrhvm-appliance (20171019.0). (BZ#1496586)\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in the jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending the maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\n* A vulnerability was found in Jasypt that would allow an attacker to\nperform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that when the security manager's reflective\npermissions, which allows it to access the private members of the\nclass, are granted to Hibernate Validator, a potential privilege\nescalation can occur. By allowing the calling code to access those\nprivate members without the permission an attacker may be able to\nvalidate an invalid instance and access the private member value via\nConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525. The CVE-2017-7536 issue was discovered by Gunnar\nMorling (Red Hat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:3141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-9970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7536\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rhvm-appliance package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm-appliance\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:3141\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"rhvm-appliance-4.1.20171102.0-1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhvm-appliance\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:23", "description": "Lars Krapf and Pierre Ernst discovered that Apache Batik incorrectly handled XML external entities. A remote attacker could possibly use this issue to obtain sensitive files from the filesystem, or cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-10T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : batik vulnerability (USN-3280-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5662"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libbatik-java", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3280-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100099", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3280-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100099);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-5662\");\n script_xref(name:\"USN\", value:\"3280-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : batik vulnerability (USN-3280-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Lars Krapf and Pierre Ernst discovered that Apache Batik incorrectly\nhandled XML external entities. A remote attacker could possibly use\nthis issue to obtain sensitive files from the filesystem, or cause a\ndenial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3280-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libbatik-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbatik-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libbatik-java\", pkgver:\"1.7.ubuntu-8ubuntu2.14.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libbatik-java\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:12:41", "description": "Security fix for CVE-2017-5662\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-10T00:00:00", "type": "nessus", "title": "Fedora 24 : batik (2017-aff3dd3101)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5662"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:batik", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-AFF3DD3101.NASL", "href": "https://www.tenable.com/plugins/nessus/100079", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-aff3dd3101.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100079);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5662\");\n script_xref(name:\"FEDORA\", value:\"2017-aff3dd3101\");\n\n script_name(english:\"Fedora 24 : batik (2017-aff3dd3101)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5662\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-aff3dd3101\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected batik package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:batik\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"batik-1.8-9.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"batik\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:12:15", "description": "In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running.\nIf the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 1.7+dfsg-3+deb7u2.\n\nWe recommend that you upgrade your batik packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "Debian DLA-926-1 : batik security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5662"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libbatik-java", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-926.NASL", "href": "https://www.tenable.com/plugins/nessus/99737", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-926-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99737);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-5662\");\n\n script_name(english:\"Debian DLA-926-1 : batik security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In Apache Batik before 1.9, files lying on the filesystem of the\nserver which uses batik can be revealed to arbitrary users who send\nmaliciously formed SVG files. The file types that can be shown depend\non the user context in which the exploitable application is running.\nIf the user is root a full compromise of the server - including\nconfidential or sensitive files - would be possible. XXE can also be\nused to attack the availability of the server via denial of service as\nthe references within a xml document can trivially trigger an\namplification attack.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.7+dfsg-3+deb7u2.\n\nWe recommend that you upgrade your batik packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/04/msg00044.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/batik\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected libbatik-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbatik-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libbatik-java\", reference:\"1.7+dfsg-3+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:55", "description": "Update to upstream version 1.9. Fixes CVE-2017-5662.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : batik (2017-7a5f625013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5662"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:batik", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-7A5F625013.NASL", "href": "https://www.tenable.com/plugins/nessus/101662", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-7a5f625013.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101662);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5662\");\n script_xref(name:\"FEDORA\", value:\"2017-7a5f625013\");\n\n script_name(english:\"Fedora 26 : batik (2017-7a5f625013)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 1.9. Fixes CVE-2017-5662.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a5f625013\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected batik package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:batik\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"batik-1.9-3.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"batik\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:21", "description": "Security fix for CVE-2017-5662\n\n----\n\nAdd missing requires on xmlgraphics-commons\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-10T00:00:00", "type": "nessus", "title": "Fedora 25 : batik (2017-43b46cd2da)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5662"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:batik", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-43B46CD2DA.NASL", "href": "https://www.tenable.com/plugins/nessus/100074", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-43b46cd2da.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100074);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-5662\");\n script_xref(name:\"FEDORA\", value:\"2017-43b46cd2da\");\n\n script_name(english:\"Fedora 25 : batik (2017-43b46cd2da)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5662\n\n----\n\nAdd missing requires on xmlgraphics-commons\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-43b46cd2da\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected batik package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:batik\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"batik-1.8-9.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"batik\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:50", "description": "Security fix for CVE-2017-7525\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-14T00:00:00", "type": "nessus", "title": "Fedora 26 : jackson-databind (2017-6a75c816fa)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jackson-databind", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-6A75C816FA.NASL", "href": "https://www.tenable.com/plugins/nessus/102456", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-6a75c816fa.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102456);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-7525\");\n script_xref(name:\"FEDORA\", value:\"2017-6a75c816fa\");\n\n script_name(english:\"Fedora 26 : jackson-databind (2017-6a75c816fa)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-7525\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-6a75c816fa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jackson-databind package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"jackson-databind-2.7.6-3.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jackson-databind\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:08", "description": "Security fix for CVE-2017-7525\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-11T00:00:00", "type": "nessus", "title": "Fedora 24 : jackson-databind (2017-8df9efed5f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jackson-databind", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-8DF9EFED5F.NASL", "href": "https://www.tenable.com/plugins/nessus/102395", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-8df9efed5f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102395);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-7525\");\n script_xref(name:\"FEDORA\", value:\"2017-8df9efed5f\");\n\n script_name(english:\"Fedora 24 : jackson-databind (2017-8df9efed5f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-7525\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-8df9efed5f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jackson-databind package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"jackson-databind-2.6.3-3.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jackson-databind\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:15", "description": "Liao Xinxi discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attemtping deserialization. This allowed an attacker to perform code execution by providing maliciously crafted input.", "cvss3": {}, "published": "2017-10-23T00:00:00", "type": "nessus", "title": "Debian DSA-4004-1 : jackson-databind - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jackson-databind", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4004.NASL", "href": "https://www.tenable.com/plugins/nessus/104057", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4004. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104057);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-7525\");\n script_xref(name:\"DSA\", value:\"4004\");\n\n script_name(english:\"Debian DSA-4004-1 : jackson-databind - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Liao Xinxi discovered that jackson-databind, a Java library used to\nparse JSON and other data formats, did not properly validate user\ninput before attemtping deserialization. This allowed an attacker to\nperform code execution by providing maliciously crafted input.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-4004\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the jackson-databind packages.\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 2.4.2-2+deb8u1.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8.6-1+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java\", reference:\"2.4.2-2+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.4.2-2+deb8u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java\", reference:\"2.8.6-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.8.6-1+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:23", "description": "Security fix for CVE-2017-7525\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-14T00:00:00", "type": "nessus", "title": "Fedora 25 : jackson-databind (2017-f452765e1e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jackson-databind", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-F452765E1E.NASL", "href": "https://www.tenable.com/plugins/nessus/102464", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-f452765e1e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102464);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-7525\");\n script_xref(name:\"FEDORA\", value:\"2017-f452765e1e\");\n\n script_name(english:\"Fedora 25 : jackson-databind (2017-f452765e1e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-7525\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-f452765e1e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jackson-databind package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"jackson-databind-2.7.6-3.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jackson-databind\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:54", "description": "The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.7.x prior to 11.1.1.7.180417 or 11.1.1.9.x prior to 11.1.1.9.180417, similarly, versions 12.2.1.2.x prior to 12.2.1.2.180116 and 12.2.1.3.x prior to 12.2.1.3.180116 are affected as noted in the April 2018 Critical Patch Update advisory. The Oracle Business Intelligence Publisher installed on the remote host is affected by multiple vulnerabilities:\n\n - A vulnerability can be exploited by a remote attacker by sending a crafted serialized Java object. A successful attack would allow the attacker to execute arbitrary commands on the vulnerable server (CVE-2015-7501).\n\n - A vulnerability exists on Apache Batik before 1.9. The vulnerability would allow an attacker to send a malicious SVG file to a user. An attacker who successfully exploits this vulnerability could result in the compromise of the server (CVE-2017-5662).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-12-28T00:00:00", "type": "nessus", "title": "Oracle Business Intelligence Publisher Multiple Vulnerabilities (April 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501", "CVE-2017-5662"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:business_intelligence_publisher"], "id": "ORACLE_BI_PUBLISHER_APR_2018_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/119939", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119939);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-7501\", \"CVE-2017-5662\");\n script_bugtraq_id(78215, 97948);\n\n script_name(english:\"Oracle Business Intelligence Publisher Multiple Vulnerabilities (April 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Business Intelligence Publisher running on the\nremote host is 11.1.1.7.x prior to 11.1.1.7.180417 or 11.1.1.9.x \nprior to 11.1.1.9.180417, similarly, versions 12.2.1.2.x prior to\n12.2.1.2.180116 and 12.2.1.3.x prior to 12.2.1.3.180116 are affected \nas noted in the April 2018 Critical Patch Update advisory. \nThe Oracle Business Intelligence Publisher installed on the remote\nhost is affected by multiple vulnerabilities:\n\n - A vulnerability can be exploited by a remote attacker\n by sending a crafted serialized Java object. A\n successful attack would allow the attacker to execute\n arbitrary commands on the vulnerable server\n (CVE-2015-7501).\n\n - A vulnerability exists on Apache Batik before 1.9. \n The vulnerability would allow an attacker to send a\n malicious SVG file to a user. An attacker who\n successfully exploits this vulnerability could result\n in the compromise of the server (CVE-2017-5662).\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76507bf8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:business_intelligence_publisher\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_bi_publisher_installed.nbin\", \"oracle_bi_publisher_detect.nasl\");\n script_require_keys(\"installed_sw/Oracle Business Intelligence Publisher\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\nappname = 'Oracle Business Intelligence Publisher';\napp_info = vcf::get_app_info(app:appname);\n\n# 11.1.1.7.x - Bundle: 27617562 | Patch: 26831047\n# 11.1.1.9.x - Bundle: 27737733 | Patch: 27570221\n\nconstraints = [\n {'min_version': '11.1.1.7', 'fixed_version': '11.1.1.7.180417', 'patch': '26831047', 'bundle': '27617562'},\n {'min_version': '11.1.1.9', 'fixed_version': '11.1.1.9.180417', 'patch': '27570221', 'bundle': '27737733'}\n];\n\nvcf::oracle_bi_publisher::check_version_and_report(app_info: app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:05:27", "description": "Man Yue Mo, Lars Krapf and Pierre Ernst discovered that Batik, a toolkit for processing SVG images, did not properly validate its input. This would allow an attacker to cause a denial-of-service, mount cross-site scripting attacks, or access restricted files on the server.", "cvss3": {}, "published": "2018-06-05T00:00:00", "type": "nessus", "title": "Debian DSA-4215-1 : batik - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5662", "CVE-2018-8013"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:batik", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4215.NASL", "href": "https://www.tenable.com/plugins/nessus/110316", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4215. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110316);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2017-5662\", \"CVE-2018-8013\");\n script_xref(name:\"DSA\", value:\"4215\");\n\n script_name(english:\"Debian DSA-4215-1 : batik - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Man Yue Mo, Lars Krapf and Pierre Ernst discovered that Batik, a\ntoolkit for processing SVG images, did not properly validate its\ninput. This would allow an attacker to cause a denial-of-service,\nmount cross-site scripting attacks, or access restricted files on the\nserver.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/batik\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/batik\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/batik\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4215\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the batik packages.\n\nFor the oldstable distribution (jessie), these problems have been\nfixed in version 1.7+dfsg-5+deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 1.8-4+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:batik\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libbatik-java\", reference:\"1.7+dfsg-5+deb8u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libbatik-java\", reference:\"1.8-4+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:40", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.6, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle user-supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {}, "published": "2017-08-03T00:00:00", "type": "nessus", "title": "RHEL 6 : JBoss EAP (RHSA-2017:1834)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4978", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-async-http-servlet-3.0", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-web-console-eap", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2017-1834.NASL", "href": "https://www.tenable.com/plugins/nessus/102139", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1834. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102139);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2016-4978\", \"CVE-2017-7525\");\n script_xref(name:\"RHSA\", value:\"2017:1834\");\n\n script_name(english:\"RHEL 6 : JBoss EAP (RHSA-2017:1834)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.0 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.7\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.0.6, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes linked to in the References.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle\nuser-supplied data when deserializing objects. A remote attacker could\nuse this flaw to execute arbitrary code with the permissions of the\napplication using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525.\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4978\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7525\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-async-http-servlet-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-web-console-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1834\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-cli-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-commons-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-core-client-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-dto-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-hornetq-protocol-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-hqclient-protocol-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jms-client-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jms-server-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-journal-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-native-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-ra-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-selector-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-server-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-service-extensions-1.1.0-18.SP21_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-glassfish-jsf-2.2.12-2.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-5.0.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-core-5.0.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-entitymanager-5.0.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-envers-5.0.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-infinispan-5.0.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-java8-5.0.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-api-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-impl-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-spi-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-core-api-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-core-impl-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-deployers-common-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-jdbc-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-validator-1.3.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-databind-2.5.4-2.redhat_2.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-modules-1.5.4-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-remoting-4.0.23-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-xnio-base-3.4.6-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-async-http-servlet-3.0-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-atom-provider-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-cdi-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-client-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-crypto-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-jackson-provider-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-jackson2-provider-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-jaxb-provider-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-jaxrs-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-jettison-provider-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-jose-jwt-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-jsapi-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-json-p-provider-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-multipart-provider-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-spring-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-validator-provider-11-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-resteasy-yaml-provider-3.0.19-6.SP4_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-7.0.7-4.GA_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-javadocs-7.0.7-3.GA_redhat_4.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-modules-7.0.7-4.GA_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-web-console-eap-2.8.30-1.Final_redhat_1.1.ep7.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:49", "description": "The version of Apache Struts running on the remote host is 2.5.x prior to 2.5.14.1. It is, therefore, affected by an unspecified flaw that is triggered when parsing JSON. This allows a remote attacker to cause a denial of service.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-12-04T00:00:00", "type": "nessus", "title": "Apache Struts 2.5.x < 2.5.14.1 Json-lib JSON Parsing Unspecified DoS (S2-054) (S2-055)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15707", "CVE-2017-7525"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:struts"], "id": "STRUTS_2_5_14_1.NASL", "href": "https://www.tenable.com/plugins/nessus/105005", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105005);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-7525\", \"CVE-2017-15707\");\n script_bugtraq_id(99623, 102021);\n\n script_name(english:\"Apache Struts 2.5.x < 2.5.14.1 Json-lib JSON Parsing Unspecified DoS (S2-054) (S2-055)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web application running on the remote host uses a Java framework\nthat is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache Struts running on the remote host is 2.5.x\nprior to 2.5.14.1. It is, therefore, affected by an unspecified flaw\nthat is triggered when parsing JSON. This allows a remote attacker to\ncause a denial of service.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.14.1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwiki.apache.org/confluence/display/WW/S2-054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwiki.apache.org/confluence/display/WW/S2-055\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Struts version 2.5.14.1 or later or apply the\nworkaround as referenced in the vendor's security bulletin.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7525\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:struts\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"os_fingerprint.nasl\", \"struts_detect_win.nbin\", \"struts_detect_nix.nbin\", \"struts_config_browser_detect.nbin\");\n script_require_ports(\"installed_sw/Apache Struts\", \"installed_sw/Struts\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\napp_info = vcf::combined_get_app_info(app:\"Apache Struts\");\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"min_version\" : \"2.5.0\", \"max_version\" : \"2.5.14\", \"fixed_version\" : \"2.5.14.1\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:13", "description": "An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.7.\n\nRefer to the JBoss Enterprise Application Platform 7.0.7 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle user-supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {}, "published": "2017-08-03T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2017:1837)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4978", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ec2-eap", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ec2-eap-samples", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2017-1837.NASL", "href": "https://www.tenable.com/plugins/nessus/102141", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1837. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102141);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2016-4978\", \"CVE-2017-7525\");\n script_xref(name:\"RHSA\", value:\"2017:1837\");\n\n script_name(english:\"RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2017:1837)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss\nEnterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss\nEnterprise Application Platform 7.0 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss\nEnterprise Application Platform running on the Amazon Web Services\n(AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to\nensure compatibility with Red Hat JBoss Enterprise Application\nPlatform 7.0.7.\n\nRefer to the JBoss Enterprise Application Platform 7.0.7 Release\nNotes, linked to in the References section, for information on the\nmost significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle\nuser-supplied data when deserializing objects. A remote attacker could\nuse this flaw to execute arbitrary code with the permissions of the\napplication using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525.\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4978\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7525\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected eap7-jboss-ec2-eap and / or\neap7-jboss-ec2-eap-samples packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ec2-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ec2-eap-samples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1837\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-ec2-eap-7.0.7-1.GA_redhat_1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-ec2-eap-samples-7.0.7-1.GA_redhat_1.ep7.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-ec2-eap-7.0.7-1.GA_redhat_1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-ec2-eap-samples-7.0.7-1.GA_redhat_1.ep7.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-jboss-ec2-eap / eap7-jboss-ec2-eap-samples\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:41", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.6, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle user-supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {}, "published": "2017-08-03T00:00:00", "type": "nessus", "title": "RHEL 7 : JBoss EAP (RHSA-2017:1835)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4978", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-web-console-eap", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-async-http-servlet-3.0", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs"], "id": "REDHAT-RHSA-2017-1835.NASL", "href": "https://www.tenable.com/plugins/nessus/102140", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1835. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102140);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2016-4978\", \"CVE-2017-7525\");\n script_xref(name:\"RHSA\", value:\"2017:1835\");\n\n script_name(english:\"RHEL 7 : JBoss EAP (RHSA-2017:1835)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.7\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.0.6, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes linked to in the References.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\n* It was found that use of a JMS ObjectMessage does not safely handle\nuser-supplied data when deserializing objects. A remote attacker could\nuse this flaw to execute arbitrary code with the permissions of the\napplication using the JMS ObjectMessage. (CVE-2016-4978)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525.\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4978\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7525\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-async-http-servlet-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-web-console-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1835\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-cli-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-commons-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-core-client-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-dto-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-hornetq-protocol-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-hqclient-protocol-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-jms-client-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-jms-server-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-journal-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-native-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-ra-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-selector-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-server-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-service-extensions-1.1.0-18.SP21_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-glassfish-jsf-2.2.12-2.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-5.0.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-core-5.0.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-entitymanager-5.0.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-envers-5.0.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-infinispan-5.0.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-java8-5.0.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-api-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-impl-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-spi-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-core-api-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-core-impl-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-deployers-common-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-jdbc-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-validator-1.3.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-databind-2.5.4-2.redhat_2.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-modules-1.5.4-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-remoting-4.0.23-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-xnio-base-3.4.6-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-async-http-servlet-3.0-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-atom-provider-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-cdi-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-client-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-crypto-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-jackson-provider-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-jackson2-provider-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-jaxb-provider-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-jaxrs-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-jettison-provider-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-jose-jwt-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-jsapi-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-json-p-provider-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-multipart-provider-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-spring-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-validator-provider-11-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-resteasy-yaml-provider-3.0.19-6.SP4_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-7.0.7-4.GA_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-javadocs-7.0.7-3.GA_redhat_4.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-modules-7.0.7-4.GA_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-web-console-eap-2.8.30-1.Final_redhat_1.1.ep7.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:01", "description": "According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior to 6.1. It is, therefore, affected by multiple vulnerabilities:\n\n - A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n - JFrog Artifactory contains a Cross Site Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via maliciously crafted flash component. (CVE-2018-1000206)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-12T00:00:00", "type": "nessus", "title": "JFrog < 6.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525", "CVE-2018-1000206"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:jfrog:artifactory"], "id": "JFROG_ARTIFACTORY_6_1.NASL", "href": "https://www.tenable.com/plugins/nessus/147720", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147720);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-7525\", \"CVE-2018-1000206\");\n\n script_name(english:\"JFrog < 6.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Determines if the remote JFrog Artifactory installation is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior\nto 6.1. It is, therefore, affected by multiple vulnerabilities:\n\n - A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could \n allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method \n of the ObjectMapper. (CVE-2017-7525)\n\n - JFrog Artifactory contains a Cross Site Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in \n Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable \n via maliciously crafted flash component. (CVE-2018-1000206)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8dc55d3d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to JFrog Artifactory 6.1 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7525\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:jfrog:artifactory\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jfrog_artifactory_win_installed.nbin\", \"jfrog_artifactory_nix_installed.nbin\", \"os_fingerprint.nasl\");\n script_require_keys(\"installed_sw/Artifactory\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nwin_local = FALSE;\nos = get_kb_item('Host/OS');\nif ('windows' >< tolower(os)) win_local = TRUE;\n\napp_info = vcf::get_app_info(app:'Artifactory', win_local:win_local);\n\nconstraints = [\n { 'min_version' : '5.11', 'fixed_version' : '6.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:09:57", "description": "FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "cvss3": {}, "published": "2018-11-29T00:00:00", "type": "nessus", "title": "FreeBSD : payara -- Default typing issue in Jackson Databind (93f8e0ff-f33d-11e8-be46-0019dbb15b3f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2020-06-25T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:payara", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_93F8E0FFF33D11E8BE460019DBB15B3F.NASL", "href": "https://www.tenable.com/plugins/nessus/119272", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119272);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/25\");\n\n script_cve_id(\"CVE-2018-7489\");\n\n script_name(english:\"FreeBSD : payara -- Default typing issue in Jackson Databind (93f8e0ff-f33d-11e8-be46-0019dbb15b3f)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5\nallows unauthenticated remote code execution because of an incomplete\nfix for the CVE-2017-7525 deserialization flaw. This is exploitable by\nsending maliciously crafted JSON input to the readValue method of the\nObjectMapper, bypassing a blacklist that is ineffective if the c3p0\nlibraries are available in the classpath.\"\n );\n # https://vuxml.freebsd.org/freebsd/93f8e0ff-f33d-11e8-be46-0019dbb15b3f.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?addb591e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:payara\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"payara=4.1.2.181.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"payara=4.1.2.182\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"payara=5.181.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"payara=5.182\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:04:25", "description": "It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525.", "cvss3": {}, "published": "2018-05-04T00:00:00", "type": "nessus", "title": "Debian DSA-4190-1 : jackson-databind - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jackson-databind", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4190.NASL", "href": "https://www.tenable.com/plugins/nessus/109557", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4190. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109557);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-7489\");\n script_xref(name:\"DSA\", value:\"4190\");\n\n script_name(english:\"Debian DSA-4190-1 : jackson-databind - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that jackson-databind, a Java library used to parse\nJSON and other data formats, improperly validated user input prior to\ndeserializing because of an incomplete fix for CVE-2017-7525.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-7525\"\n );\n # https://security-tracker.debian.org/tracker/source-package/jackson-databind\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61134ddf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4190\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the jackson-databind packages.\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 2.4.2-2+deb8u4.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8.6-1+deb9u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java\", reference:\"2.4.2-2+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.4.2-2+deb8u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java\", reference:\"2.8.6-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.8.6-1+deb9u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-03T15:11:42", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.12.3 or 17.x prior to 17.12.3.0. It is, therefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-04-19T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier Multiple Vulnerabilities (April 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/109164", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109164);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-7525\", \"CVE-2017-15095\");\n script_bugtraq_id(99623, 103880);\n\n script_name(english:\"Oracle Primavera Unifier Multiple Vulnerabilities (April 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera\nUnifier installation running on the remote web server is 16.x prior to\n16.2.12.3 or 17.x prior to 17.12.3.0. It is, therefore, affected by \nmultiple vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76507bf8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle Primavera Unifier version 16.2.12.3 / 17.12.3.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7525\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nget_install_count(app_name:\"Oracle Primavera Unifier\", exit_if_zero:TRUE);\n\nport = get_http_port(default:8002);\nget_kb_item_or_exit(\"www/weblogic/\" + port + \"/installed\");\n\napp_info = vcf::get_app_info(app:\"Oracle Primavera Unifier\", port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"min_version\" : \"16.0.0.0\", \"fixed_version\" : \"16.2.12.3\" },\n { \"min_version\" : \"17.0.0.0\", \"fixed_version\" : \"17.12.3.0\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE); \n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-03T14:23:04", "description": "It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing: following DSA-4004-1 for CVE-2017-7525, an additional set of classes was identified as unsafe for deserialization.", "cvss3": {}, "published": "2017-11-17T00:00:00", "type": "nessus", "title": "Debian DSA-4037-1 : jackson-databind - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jackson-databind", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4037.NASL", "href": "https://www.tenable.com/plugins/nessus/104643", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4037. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104643);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-15095\");\n script_xref(name:\"DSA\", value:\"4037\");\n\n script_name(english:\"Debian DSA-4037-1 : jackson-databind - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that jackson-databind, a Java library used to parse\nJSON and other data formats, improperly validated user input prior to\ndeserializing: following DSA-4004-1 for CVE-2017-7525, an additional\nset of classes was identified as unsafe for deserialization.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-7525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-4037\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the jackson-databind packages.\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 2.4.2-2+deb8u2.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8.6-1+deb9u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java\", reference:\"2.4.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.4.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java\", reference:\"2.8.6-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.8.6-1+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-04T14:38:13", "description": "An update for rh-eclipse47-jackson-databind is now available for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.\n(CVE-2017-15095)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this issue.", "cvss3": {}, "published": "2017-11-14T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-eclipse47-jackson-databind (RHSA-2017:3189)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-eclipse47-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse47-jackson-databind-javadoc", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2017-3189.NASL", "href": "https://www.tenable.com/plugins/nessus/104538", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:3189. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104538);\n script_version(\"3.10\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-15095\");\n script_xref(name:\"RHSA\", value:\"2017:3189\");\n\n script_name(english:\"RHEL 7 : rh-eclipse47-jackson-databind (RHSA-2017:3189)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for rh-eclipse47-jackson-databind is now available for Red\nHat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe jackson-databind package provides general data-binding\nfunctionality for Jackson, which works on top of Jackson core\nstreaming API.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in the jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending the maliciously crafted input to the readValue method of the\nObjectMapper. This issue extends the previous flaw CVE-2017-7525 by\nblacklisting more classes that could be used maliciously.\n(CVE-2017-15095)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting this\nissue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:3189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-15095\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rh-eclipse47-jackson-databind and / or\nrh-eclipse47-jackson-databind-javadoc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse47-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse47-jackson-databind-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:3189\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"rh-eclipse47-jackson-databind-2.7.6-3.3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"rh-eclipse47-jackson-databind-javadoc-2.7.6-3.3.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-eclipse47-jackson-databind / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:07", "description": "An update for rh-eclipse46-jackson-databind is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously. (CVE-2017-17485)\n\nRed Hat would like to thank 0c0c0f from 360Guan Xing Shi Yan Shi for reporting this issue.", "cvss3": {}, "published": "2018-04-30T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-eclipse46-jackson-databind (RHSA-2018:0116)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-eclipse46-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse46-jackson-databind-javadoc", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5"], "id": "REDHAT-RHSA-2018-0116.NASL", "href": "https://www.tenable.com/plugins/nessus/109427", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:0116. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109427);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/24 15:35:44\");\n\n script_cve_id(\"CVE-2017-17485\");\n script_xref(name:\"RHSA\", value:\"2018:0116\");\n\n script_name(english:\"RHEL 7 : rh-eclipse46-jackson-databind (RHSA-2018:0116)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for rh-eclipse46-jackson-databind is now available for Red\nHat Software Collections.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe jackson-databind package provides general data-binding\nfunctionality for Jackson, which works on top of Jackson core\nstreaming API.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in the jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending maliciously crafted input to the readValue method of\nObjectMapper. This issue extends upon the previous flaws CVE-2017-7525\nand CVE-2017-15095 by blacklisting more classes that could be used\nmaliciously. (CVE-2017-17485)\n\nRed Hat would like to thank 0c0c0f from 360Guan Xing Shi Yan Shi for\nreporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:0116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-17485\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rh-eclipse46-jackson-databind and / or\nrh-eclipse46-jackson-databind-javadoc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse46-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse46-jackson-databind-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:0116\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"rh-eclipse46-jackson-databind-2.6.3-2.6.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"rh-eclipse46-jackson-databind-javadoc-2.6.3-2.6.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-eclipse46-jackson-databind / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:06:44", "description": "Several vulnerabilities were fixed in libjackson-json-java, a Java JSON processor.\n\nCVE-2017-7525\n\nJackson Deserializer security vulnerability.\n\nCVE-2017-15095\n\nBlock more JDK types from polymorphic deserialization.\n\nCVE-2019-10172\n\nXML external entity vulnerabilities.\n\nFor Debian 9 stretch, these problems have been fixed in version 1.9.2-8+deb9u1.\n\nWe recommend that you upgrade your libjackson-json-java packages.\n\nFor the detailed security status of libjackson-json-java please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/libjackson-json-java\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-08-25T00:00:00", "type": "nessus", "title": "Debian DLA-2342-1 : libjackson-json-java security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525", "CVE-2019-10172"], "modified": "2020-08-27T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjackson-json-java", "p-cpe:/a:debian:debian_linux:libjackson-json-java-doc", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2342.NASL", "href": "https://www.tenable.com/plugins/nessus/139774", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2342-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139774);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/27\");\n\n script_cve_id(\"CVE-2017-7525\", \"CVE-2019-10172\");\n\n script_name(english:\"Debian DLA-2342-1 : libjackson-json-java security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were fixed in libjackson-json-java, a Java\nJSON processor.\n\nCVE-2017-7525\n\nJackson Deserializer security vulnerability.\n\nCVE-2017-15095\n\nBlock more JDK types from polymorphic deserialization.\n\nCVE-2019-10172\n\nXML external entity vulnerabilities.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.9.2-8+deb9u1.\n\nWe recommend that you upgrade your libjackson-json-java packages.\n\nFor the detailed security status of libjackson-json-java please refer\nto its security tracker page at:\nhttps://security-tracker.debian.org/tracker/libjackson-json-java\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/libjackson-json-java\"\n );\n # https://security-tracker.debian.org/tracker/source-package/libjackson-json-java\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a885b2e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson-json-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson-json-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libjackson-json-java\", reference:\"1.9.2-8+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson-json-java-doc\", reference:\"1.9.2-8+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:42", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {}, "published": "2017-09-08T00:00:00", "type": "nessus", "title": "RHEL 7 : JBoss EAP (RHSA-2017:2636)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-cxf", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-core-asl", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-jaxrs", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-mapper-asl", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-xc", "p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6", "p-cpe:/a:redhat:enterprise_linux:hornetq", "p-cpe:/a:redhat:enterprise_linux:infinispan", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:jboss-as-web", "p-cpe:/a:redhat:enterprise_linux:infinispan-core", "p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cli", "p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all", "p-cpe:/a:redhat:enterprise_linux:jboss-as-weld", "p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp", "p-cpe:/a:redhat:enterprise_linux:jboss-as-xts", "p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-connector", "p-cpe:/a:redhat:enterprise_linux:jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata", "p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-common", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ear", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3", "p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ejb", "p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-web", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr", "p-cpe:/a:redhat:enterprise_linux:jboss-modules", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr", "p-cpe:/a:redhat:enterprise_linux:jboss-remoting3", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa", "p-cpe:/a:redhat:enterprise_linux:jboss-vfs2", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77", "p-cpe:/a:redhat:enterprise_linux:jbossas-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-as-logging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-mail", "p-cpe:/a:redhat:enterprise_linux:jbossas-bundles", "p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content", "p-cpe:/a:redhat:enterprise_linux:jbossas-core", "p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster", "p-cpe:/a:redhat:enterprise_linux:jboss-as-naming", "p-cpe:/a:redhat:enterprise_linux:jboss-as-network", "p-cpe:/a:redhat:enterprise_linux:jbossas-domain", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin", "p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service", "p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap", "p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink", "p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap", "p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean", "p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo", "p-cpe:/a:redhat:enterprise_linux:jbossas-standalone", "p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller", "p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap", "p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol", "p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jboss-as-sar", "p-cpe:/a:redhat:enterprise_linux:jboss-as-security", "p-cpe:/a:redhat:enterprise_linux:jboss-as-server", "p-cpe:/a:redhat:enterprise_linux:log4j-eap6", "p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-threads", "p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions", "p-cpe:/a:redhat:enterprise_linux:jboss-as-version", "p-cpe:/a:redhat:enterprise_linux:picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:picketlink-federation", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2017-2636.NASL", "href": "https://www.tenable.com/plugins/nessus/103042", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2636. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103042);\n script_version(\"3.10\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-5645\", \"CVE-2017-5664\", \"CVE-2017-7525\");\n script_xref(name:\"RHSA\", value:\"2017:2636\");\n\n script_name(english:\"RHEL 7 : JBoss EAP (RHSA-2017:2636)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 6.4.16, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server\nthe log4j server would deserialize any log event received via TCP or\nUDP. An attacker could use this flaw to send a specially crafted log\nevent that, during deserialization, would execute arbitrary code in\nthe context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in\nTomcat's DefaultServlet implementation. A crafted HTTP request could\ncause undesired side effects, possibly including the removal or\nreplacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending the maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525.\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7525\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-core-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-mapper-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-xc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hornetq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-vfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-domain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-standalone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2636\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-cxf-2.7.18-7.SP6_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"codehaus-jackson-1.9.9-11.redhat_5.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"codehaus-jackson-core-asl-1.9.9-11.redhat_5.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"codehaus-jackson-jaxrs-1.9.9-11.redhat_5.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"codehaus-jackson-mapper-asl-1.9.9-11.redhat_5.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"codehaus-jackson-xc-1.9.9-11.redhat_5.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"hibernate4-core-eap6-4.2.27-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"hibernate4-eap6-4.2.27-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"hibernate4-entitymanager-eap6-4.2.27-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"hibernate4-envers-eap6-4.2.27-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"hibernate4-infinispan-eap6-4.2.27-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"hornetq-2.3.25-22.SP20_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-5.2.22-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-cachestore-jdbc-5.2.22-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-cachestore-remote-5.2.22-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-client-hotrod-5.2.22-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-core-5.2.22-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-appclient-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-cli-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-client-all-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-clustering-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-cmp-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-configadmin-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-connector-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-controller-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-controller-client-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-core-security-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-deployment-repository-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-deployment-scanner-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-domain-http-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-domain-management-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-ee-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-ee-deployment-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-ejb3-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-embedded-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-host-controller-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jacorb-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jaxr-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jaxrs-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jdr-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jmx-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jpa-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jsf-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jsr77-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-logging-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-mail-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-management-client-content-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-messaging-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-modcluster-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-naming-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-network-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-osgi-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-osgi-configadmin-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-osgi-service-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-picketlink-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-platform-mbean-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-pojo-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-process-controller-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-protocol-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-remoting-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-sar-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-security-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-server-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-system-jmx-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-threads-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-transactions-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-version-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-web-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-webservices-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-weld-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-xts-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-marshalling-1.4.10-3.SP3_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-metadata-7.2.3-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-metadata-appclient-7.2.3-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-metadata-common-7.2.3-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-metadata-ear-7.2.3-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-metadata-ejb-7.2.3-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-metadata-web-7.2.3-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-modules-1.3.10-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-remoting3-3.3.10-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-vfs2-3.2.12-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-appclient-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-bundles-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-core-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-domain-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-javadocs-7.5.17-4.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-modules-eap-7.5.17-1.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-product-eap-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-standalone-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-welcome-content-eap-7.5.17-2.Final_redhat_4.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossweb-7.5.24-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"log4j-eap6-1.2.16-12.redhat_3.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"log4j-jboss-logmanager-1.1.4-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"picketlink-bindings-2.5.4-17.SP15_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"picketlink-federation-2.5.4-17.SP15_redhat_1.1.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-cxf / codehaus-jackson / codehaus-jackson-core-asl / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:37", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {}, "published": "2017-09-08T00:00:00", "type": "nessus", "title": "RHEL 5 : JBoss EAP (RHSA-2017:2637)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-cxf", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-core-asl", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-jaxrs", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-mapper-asl", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-xc", "p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6", "p-cpe:/a:redhat:enterprise_linux:hornetq", "p-cpe:/a:redhat:enterprise_linux:infinispan", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:infinispan-core", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77", "p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cli", "p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all", "p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp", "p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-connector", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client", "p-cpe:/a:redhat:enterprise_linux:jboss-as-logging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository", "p-cpe:/a:redhat:enterprise_linux:jboss-as-mail", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3", "p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content", "p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded", "p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr", "p-cpe:/a:redhat:enterprise_linux:jboss-as-naming", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-network", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service", "p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink", "p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean", "p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo", "p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol", "p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting", "p-cpe:/a:redhat:enterprise_linux:jboss-as-sar", "p-cpe:/a:redhat:enterprise_linux:jboss-as-security", "p-cpe:/a:redhat:enterprise_linux:jboss-as-server", "p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-threads", "p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions", "p-cpe:/a:redhat:enterprise_linux:jboss-as-version", "p-cpe:/a:redhat:enterprise_linux:jboss-as-web", "p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices", "p-cpe:/a:redhat:enterprise_linux:jboss-as-weld", "p-cpe:/a:redhat:enterprise_linux:jboss-as-xts", "p-cpe:/a:redhat:enterprise_linux:jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-common", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ear", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ejb", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-web", "p-cpe:/a:redhat:enterprise_linux:jboss-modules", "p-cpe:/a:redhat:enterprise_linux:jboss-remoting3", "p-cpe:/a:redhat:enterprise_linux:jboss-vfs2", "p-cpe:/a:redhat:enterprise_linux:jbossas-appclient", "p-cpe:/a:redhat:enterprise_linux:jbossas-bundles", "p-cpe:/a:redhat:enterprise_linux:jbossas-core", "p-cpe:/a:redhat:enterprise_linux:jbossas-domain", "p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs", "p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap", "p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap", "p-cpe:/a:redhat:enterprise_linux:jbossas-standalone", "p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:log4j-eap6", "p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:picketlink-federation", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2017-2637.NASL", "href": "https://www.tenable.com/plugins/nessus/103043", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2637. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103043);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-5645\", \"CVE-2017-5664\", \"CVE-2017-7525\");\n script_xref(name:\"RHSA\", value:\"2017:2637\");\n\n script_name(english:\"RHEL 5 : JBoss EAP (RHSA-2017:2637)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 6.4.16, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server\nthe log4j server would deserialize any log event received via TCP or\nUDP. An attacker could use this flaw to send a specially crafted log\nevent that, during deserialization, would execute arbitrary code in\nthe context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in\nTomcat's DefaultServlet implementation. A crafted HTTP request could\ncause undesired side effects, possibly including the removal or\nreplacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending the maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2017-2637.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2017-5645.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2017-5664.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2017-7525.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-core-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-mapper-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-xc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hornetq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-vfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-domain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-standalone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2637\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"apache-cxf-2.7.18-7.SP6_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"codehaus-jackson-1.9.9-11.redhat_5.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"codehaus-jackson-core-asl-1.9.9-11.redhat_5.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"codehaus-jackson-jaxrs-1.9.9-11.redhat_5.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"codehaus-jackson-mapper-asl-1.9.9-11.redhat_5.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"codehaus-jackson-xc-1.9.9-11.redhat_5.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate4-core-eap6-4.2.27-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate4-eap6-4.2.27-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate4-entitymanager-eap6-4.2.27-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate4-envers-eap6-4.2.27-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hibernate4-infinispan-eap6-4.2.27-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"hornetq-2.3.25-22.SP20_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"infinispan-5.2.22-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"infinispan-cachestore-jdbc-5.2.22-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"infinispan-cachestore-remote-5.2.22-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"infinispan-client-hotrod-5.2.22-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"infinispan-core-5.2.22-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-appclient-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-cli-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-client-all-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-clustering-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-cmp-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-configadmin-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-connector-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-controller-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-controller-client-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-core-security-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-deployment-repository-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-deployment-scanner-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-domain-http-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-domain-management-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-ee-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-ee-deployment-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-ejb3-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-embedded-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-host-controller-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jacorb-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jaxr-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jaxrs-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jdr-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jmx-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jpa-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jsf-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jsr77-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-logging-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-mail-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-management-client-content-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-messaging-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-modcluster-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-naming-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-network-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-osgi-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-osgi-configadmin-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-osgi-service-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-picketlink-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-platform-mbean-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-pojo-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-process-controller-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-protocol-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-remoting-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-sar-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-security-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-server-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-system-jmx-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-threads-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-transactions-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-version-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-web-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-webservices-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-weld-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-as-xts-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-marshalling-1.4.10-3.SP3_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-metadata-7.2.3-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-metadata-appclient-7.2.3-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-metadata-common-7.2.3-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-metadata-ear-7.2.3-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-metadata-ejb-7.2.3-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-metadata-web-7.2.3-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-modules-1.3.10-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-remoting3-3.3.10-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-vfs2-3.2.12-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-appclient-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-bundles-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-core-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-domain-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-javadocs-7.5.17-4.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-modules-eap-7.5.17-1.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-product-eap-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-standalone-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossas-welcome-content-eap-7.5.17-2.Final_redhat_4.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-7.5.24-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"log4j-eap6-1.2.16-12.redhat_3.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"log4j-jboss-logmanager-1.1.4-1.Final_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"picketlink-bindings-2.5.4-17.SP15_redhat_1.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"picketlink-federation-2.5.4-17.SP15_redhat_1.1.ep6.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-cxf / codehaus-jackson / codehaus-jackson-core-asl / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:41", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {}, "published": "2017-09-08T00:00:00", "type": "nessus", "title": "RHEL 6 : JBoss EAP (RHSA-2017:2635)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-cxf", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-core-asl", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-jaxrs", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-mapper-asl", "p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-xc", "p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6", "p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6", "p-cpe:/a:redhat:enterprise_linux:hornetq", "p-cpe:/a:redhat:enterprise_linux:infinispan", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:infinispan-core", "p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cli", "p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all", "p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp", "p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-connector", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client", "p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3", "p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded", "p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77", "p-cpe:/a:redhat:enterprise_linux:jboss-as-logging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-mail", "p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content", "p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster", "p-cpe:/a:redhat:enterprise_linux:jboss-as-naming", "p-cpe:/a:redhat:enterprise_linux:jboss-as-network", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service", "p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink", "p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean", "p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo", "p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol", "p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting", "p-cpe:/a:redhat:enterprise_linux:jboss-as-sar", "p-cpe:/a:redhat:enterprise_linux:picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:jboss-as-security", "p-cpe:/a:redhat:enterprise_linux:jboss-as-server", "p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-threads", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions", "p-cpe:/a:redhat:enterprise_linux:jboss-as-version", "p-cpe:/a:redhat:enterprise_linux:jboss-as-web", "p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices", "p-cpe:/a:redhat:enterprise_linux:jboss-as-weld", "p-cpe:/a:redhat:enterprise_linux:jboss-as-xts", "p-cpe:/a:redhat:enterprise_linux:jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-common", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ear", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ejb", "p-cpe:/a:redhat:enterprise_linux:jboss-metadata-web", "p-cpe:/a:redhat:enterprise_linux:jboss-modules", "p-cpe:/a:redhat:enterprise_linux:jboss-remoting3", "p-cpe:/a:redhat:enterprise_linux:jboss-vfs2", "p-cpe:/a:redhat:enterprise_linux:jbossas-appclient", "p-cpe:/a:redhat:enterprise_linux:jbossas-bundles", "p-cpe:/a:redhat:enterprise_linux:jbossas-core", "p-cpe:/a:redhat:enterprise_linux:jbossas-domain", "p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs", "p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap", "p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap", "p-cpe:/a:redhat:enterprise_linux:jbossas-standalone", "p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:log4j-eap6", "p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:picketlink-bindings"], "id": "REDHAT-RHSA-2017-2635.NASL", "href": "https://www.tenable.com/plugins/nessus/103041", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2635. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103041);\n script_version(\"3.10\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-5645\", \"CVE-2017-5664\", \"CVE-2017-7525\");\n script_xref(name:\"RHSA\", value:\"2017:2635\");\n\n script_name(english:\"RHEL 6 : JBoss EAP (RHSA-2017:2635)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 6.4.16, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server\nthe log4j server would deserialize any log event received via TCP or\nUDP. An attacker could use this flaw to send a specially crafted log\nevent that, during deserialization, would execute arbitrary code in\nthe context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in\nTomcat's DefaultServlet implementation. A crafted HTTP request could\ncause undesired side effects, possibly including the removal or\nreplacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending the maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525.\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7525\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-core-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-mapper-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:codehaus-jackson-xc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hornetq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-metadata-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remoting3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-vfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-domain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-standalone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2635\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL6\", reference:\"apache-cxf-2.7.18-7.SP6_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"codehaus-jackson-1.9.9-11.redhat_5.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"codehaus-jackson-core-asl-1.9.9-11.redhat_5.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"codehaus-jackson-jaxrs-1.9.9-11.redhat_5.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"codehaus-jackson-mapper-asl-1.9.9-11.redhat_5.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"codehaus-jackson-xc-1.9.9-11.redhat_5.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"hibernate4-core-eap6-4.2.27-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"hibernate4-eap6-4.2.27-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"hibernate4-entitymanager-eap6-4.2.27-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"hibernate4-envers-eap6-4.2.27-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"hibernate4-infinispan-eap6-4.2.27-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"hornetq-2.3.25-22.SP20_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"infinispan-5.2.22-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"infinispan-cachestore-jdbc-5.2.22-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"infinispan-cachestore-remote-5.2.22-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"infinispan-client-hotrod-5.2.22-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"infinispan-core-5.2.22-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-appclient-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-cli-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-client-all-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-clustering-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-cmp-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-configadmin-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-connector-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-controller-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-controller-client-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-core-security-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-deployment-repository-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-deployment-scanner-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-domain-http-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-domain-management-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-ee-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-ee-deployment-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-ejb3-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-embedded-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-host-controller-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jacorb-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jaxr-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jaxrs-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jdr-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jmx-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jpa-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jsf-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jsr77-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-logging-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-mail-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-management-client-content-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-messaging-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-modcluster-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-naming-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-network-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-osgi-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-osgi-configadmin-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-osgi-service-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-picketlink-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-platform-mbean-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-pojo-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-process-controller-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-protocol-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-remoting-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-sar-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-security-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-server-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-system-jmx-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-threads-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-transactions-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-version-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-web-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-webservices-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-weld-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-as-xts-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-marshalling-1.4.10-3.SP3_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-metadata-7.2.3-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-metadata-appclient-7.2.3-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-metadata-common-7.2.3-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-metadata-ear-7.2.3-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-metadata-ejb-7.2.3-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-metadata-web-7.2.3-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-modules-1.3.10-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-remoting3-3.3.10-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-vfs2-3.2.12-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-appclient-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-bundles-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-core-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-domain-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-javadocs-7.5.17-4.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-modules-eap-7.5.17-1.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-product-eap-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-standalone-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossas-welcome-content-eap-7.5.17-2.Final_redhat_4.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-7.5.24-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"log4j-eap6-1.2.16-12.redhat_3.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"log4j-jboss-logmanager-1.1.4-1.Final_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"picketlink-bindings-2.5.4-17.SP15_redhat_1.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"picketlink-federation-2.5.4-17.SP15_redhat_1.1.ep6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-cxf / codehaus-jackson / codehaus-jackson-core-asl / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-03T14:29:16", "description": "According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior to 7.8.1. It is, therefore, affected by multiple vulnerabilities:\n\n - A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-15095)\n\n - FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. (CVE-2017-17485)\n\n - A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-12T00:00:00", "type": "nessus", "title": "JFrog < 7.8.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:jfrog:artifactory"], "id": "JFROG_ARTIFACTORY_7_8_1.NASL", "href": "https://www.tenable.com/plugins/nessus/147718", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147718);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-7525\", \"CVE-2017-15095\", \"CVE-2017-17485\");\n\n script_name(english:\"JFrog < 7.8.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Determines if the remote JFrog Artifactory installation is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior\nto 7.8.1. It is, therefore, affected by multiple vulnerabilities:\n\n - A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow \n an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method \n of the ObjectMapper. (CVE-2017-15095)\n\n - FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because \n of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted \n JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring \n libraries are available in the classpath. (CVE-2017-17485)\n\n - A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could \n allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method \n of the ObjectMapper. (CVE-2017-7525)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8dc55d3d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to JFrog Artifactory 7.8.1 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-15095\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:jfrog:artifactory\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jfrog_artifactory_win_installed.nbin\", \"jfrog_artifactory_nix_installed.nbin\", \"os_fingerprint.nasl\");\n script_require_keys(\"installed_sw/Artifactory\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nwin_local = FALSE;\nos = get_kb_item('Host/OS');\nif ('windows' >< tolower(os)) win_local = TRUE;\n\napp_info = vcf::get_app_info(app:'Artifactory', win_local:win_local);\n\nconstraints = [\n { 'min_version' : '7.0', 'fixed_version' : '7.8.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:05:03", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2018-06-29T00:00:00", "type": "nessus", "title": "RHEL 7 : JBoss EAP (RHSA-2018:2089)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525", "CVE-2018-1114", "CVE-2018-7489"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-commons-logging-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-web-console-eap", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-2089.NASL", "href": "https://www.tenable.com/plugins/nessus/110797", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2089. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110797);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-1114\", \"CVE-2018-7489\");\n script_xref(name:\"RHSA\", value:\"2018:2089\");\n\n script_name(english:\"RHEL 7 : JBoss EAP (RHSA-2018:2089)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.1 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.3\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.1.2, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe\nserialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-7489\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-commons-logging-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-web-console-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2089\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"eap7-jboss\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-cli-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-commons-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-core-client-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-dto-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-hornetq-protocol-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-hqclient-protocol-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-jdbc-store-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-jms-client-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-jms-server-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-journal-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-native-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-ra-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-selector-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-server-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-service-extensions-1.5.5.012-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-commons-logging-jboss-logmanager-1.0.3-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-5.1.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-core-5.1.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-entitymanager-5.1.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-envers-5.1.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-infinispan-5.1.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-java8-5.1.14-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-8.2.11-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-cachestore-jdbc-8.2.11-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-cachestore-remote-8.2.11-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-client-hotrod-8.2.11-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-commons-8.2.11-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-core-8.2.11-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-api-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-impl-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-spi-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-core-api-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-core-impl-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-deployers-common-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-jdbc-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-validator-1.4.9-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-databind-2.8.11.1-1.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-jaxrs-base-2.8.11-2.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-jaxrs-json-provider-2.8.11-2.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-module-jaxb-annotations-2.8.11-2.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-logmanager-2.0.10-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-marshalling-2.0.5-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-marshalling-river-2.0.5-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-modules-1.6.4-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-remoting-5.0.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-cli-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-core-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap6.4-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap7.0-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly10.0-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly10.0-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly10.1-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly10.1-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly8.2-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly9.0-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-api-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-bindings-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-common-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-config-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-federation-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-api-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-impl-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-simple-schema-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-impl-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-wildfly8-2.5.5-12.SP11_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-undertow-1.4.18-6.SP7_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-7.1.3-2.GA_redhat_2.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-elytron-1.1.10-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-elytron-tool-1.0.7-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-javadocs-7.1.3-1.GA_redhat_2.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-modules-7.1.3-2.GA_redhat_2.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-naming-client-1.0.8-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-openssl-1.0.6-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-openssl-java-1.0.6-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-web-console-eap-2.9.17-1.Final_redhat_1.1.ep7.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:05:20", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2018-06-29T00:00:00", "type": "nessus", "title": "RHEL 6 : JBoss EAP (RHSA-2018:2090)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7525", "CVE-2018-1114", "CVE-2018-7489"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-commons-logging-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-naming-client", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-web-console-eap", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config"], "id": "REDHAT-RHSA-2018-2090.NASL", "href": "https://www.tenable.com/plugins/nessus/110798", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2090. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110798);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-1114\", \"CVE-2018-7489\");\n script_xref(name:\"RHSA\", value:\"2018:2090\");\n\n script_name(english:\"RHEL 6 : JBoss EAP (RHSA-2018:2090)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.1 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.3\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.1.2, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe\nserialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-7489\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-commons-logging-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-naming-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-openssl-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-web-console-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2090\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"eap7-jboss\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-cli-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-commons-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-core-client-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-dto-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-hornetq-protocol-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-hqclient-protocol-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jdbc-store-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jms-client-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jms-server-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-journal-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-native-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-ra-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-selector-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-server-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-service-extensions-1.5.5.012-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-commons-logging-jboss-logmanager-1.0.3-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-5.1.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-core-5.1.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-entitymanager-5.1.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-envers-5.1.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-infinispan-5.1.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-java8-5.1.14-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-8.2.11-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-cachestore-jdbc-8.2.11-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-cachestore-remote-8.2.11-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-client-hotrod-8.2.11-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-commons-8.2.11-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-core-8.2.11-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-api-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-impl-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-spi-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-core-api-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-core-impl-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-deployers-common-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-jdbc-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-validator-1.4.9-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-databind-2.8.11.1-1.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-jaxrs-base-2.8.11-2.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-jaxrs-json-provider-2.8.11-2.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-module-jaxb-annotations-2.8.11-2.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-logmanager-2.0.10-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-marshalling-2.0.5-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-marshalling-river-2.0.5-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-modules-1.6.4-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-remoting-5.0.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-cli-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-core-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap6.4-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.0-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.0-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.0-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.1-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.1-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly8.2-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly9.0-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.1-1.0.6-3.Final_redhat_3.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-api-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-bindings-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-common-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-config-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-federation-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-api-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-impl-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-simple-schema-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-impl-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-wildfly8-2.5.5-12.SP11_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-undertow-1.4.18-6.SP7_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-7.1.3-2.GA_redhat_2.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-elytron-1.1.10-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-elytron-tool-1.0.7-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-javadocs-7.1.3-1.GA_redhat_2.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-modules-7.1.3-2.GA_redhat_2.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-naming-client-1.0.8-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-openssl-1.0.6-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-openssl-java-1.0.6-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-web-console-eap-2.9.17-1.Final_redhat_1.1.ep7.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-04T14:18:24", "description": "An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* Further classes that an attacker could use to achieve code execution through deserialisation were discovered, and added to the blacklist introduced by CVE-2017-7525. (CVE-2017-15095, CVE-2017-17485)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525 and CVE-2017-15095 and 0c0c0f from 360Guan Xing Shi Yan Shi for reporting CVE-2017-17485.", "cvss3": {}, "published": "2018-04-30T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-maven35-jackson-databind (RHSA-2018:0342)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind-javadoc", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5"], "id": "REDHAT-RHSA-2018-0342.NASL", "href": "https://www.tenable.com/plugins/nessus/109428", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:0342. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109428);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/24 15:35:44\");\n\n script_cve_id(\"CVE-2017-15095\", \"CVE-2017-17485\", \"CVE-2017-7525\");\n script_xref(name:\"RHSA\", value:\"2018:0342\");\n\n script_name(english:\"RHEL 7 : rh-maven35-jackson-databind (RHSA-2018:0342)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for rh-maven35-jackson-databind is now available for Red Hat\nSoftware Collections.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe jackson-databind package provides general data-binding\nfunctionality for Jackson, which works on top of Jackson core\nstreaming API.\n\nSecurity Fix(es) :\n\n* A deserialization flaw was discovered in the jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending the maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\n* Further classes that an attacker could use to achieve code execution\nthrough deserialisation were discovered, and added to the blacklist\nintroduced by CVE-2017-7525. (CVE-2017-15095, CVE-2017-17485)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525 and CVE-2017-15095 and 0c0c0f from 360Guan Xing Shi Yan Shi \nfor reporting CVE-2017-17485.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:0342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-15095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-17485\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rh-maven35-jackson-databind and / or\nrh-maven35-jackson-databind-javadoc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:0342\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"rh-maven35-jackson-databind-2.7.6-2.4.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"rh-maven35-jackson-databind-javadoc-2.7.6-2.4.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-maven35-jackson-databind / rh-maven35-jackson-databind-javadoc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-03T14:12:24", "description": "Several vulnerabilities were fixed in libjackson-json-java.\n\nCVE-2017-7525\n\nJackson Deserializer security vulnerability.\n\nCVE-2017-15095\n\nBlock more JDK types from polymorphic deserialization.\n\nCVE-2019-10172\n\nXML external entity vulnerabilities.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.9.2-3+deb8u1.\n\nWe recommend that you upgrade your libjackson-json-java packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-03T00:00:00", "type": "nessus", "title": "Debian DLA-2091-1 : libjackson-json-java security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525", "CVE-2019-10172"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjackson-json-java", "p-cpe:/a:debian:debian_linux:libjackson-json-java-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2091.NASL", "href": "https://www.tenable.com/plugins/nessus/133411", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2091-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133411);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-15095\", \"CVE-2017-7525\", \"CVE-2019-10172\");\n\n script_name(english:\"Debian DLA-2091-1 : libjackson-json-java security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were fixed in libjackson-json-java.\n\nCVE-2017-7525\n\nJackson Deserializer security vulnerability.\n\nCVE-2017-15095\n\nBlock more JDK types from polymorphic deserialization.\n\nCVE-2019-10172\n\nXML external entity vulnerabilities.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.9.2-3+deb8u1.\n\nWe recommend that you upgrade your libjackson-json-java packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libjackson-json-java\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson-json-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson-json-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson-json-java\", reference:\"1.9.2-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson-json-java-doc\", reference:\"1.9.2-3+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:23:42", "description": "An update for rh-sso7-keycloak is now available for Red Hat Single Sign-On 7.1 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es) :\n\n* It was found that keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server. (CVE-2017-12158)\n\n* It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. (CVE-2017-12159)\n\n* It was found that libpam4j did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information. (CVE-2017-12197)\n\n* It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself continued permissions and possibly conduct further attacks. (CVE-2017-12160)\n\nRed Hat would like to thank Mykhailo Stadnyk (Playtech) for reporting CVE-2017-12158; Prapti Mittal for reporting CVE-2017-12159; and Bart Toersche (Simacan) for reporting CVE-2017-12160. The CVE-2017-12197 issue was discovered by Christian Heimes (Red Hat).", "cvss3": {}, "published": "2017-10-19T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-sso7-keycloak (RHSA-2017:2905)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9970", "CVE-2017-12158", "CVE-2017-12159", "CVE-2017-12160", "CVE-2017-12197"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2017-2905.NASL", "href": "https://www.tenable.com/plugins/nessus/103957", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2905. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103957);\n script_version(\"3.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2014-9970\", \"CVE-2017-12158\", \"CVE-2017-12159\", \"CVE-2017-12160\", \"CVE-2017-12197\");\n script_xref(name:\"RHSA\", value:\"2017:2905\");\n\n script_name(english:\"RHEL 7 : rh-sso7-keycloak (RHSA-2017:2905)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for rh-sso7-keycloak is now available for Red Hat Single\nSign-On 7.1 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On is a standalone server, based on the Keycloak\nproject, that provides authentication and standards-based single\nsign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.1.3 serves as a replacement\nfor Red Hat Single Sign-On 7.1.2, and includes several bug fixes and\nenhancements. For further information, refer to the Release Notes\nlinked to in the References section.\n\nSecurity Fix(es) :\n\n* It was found that keycloak would accept a HOST header URL in the\nadmin console and use it to determine web resource locations. An\nattacker could use this flaw against an authenticated user to attain\nreflected XSS via a malicious server. (CVE-2017-12158)\n\n* It was found that the cookie used for CSRF prevention in Keycloak\nwas not unique to each session. An attacker could use this flaw to\ngain access to an authenticated user session, leading to possible\ninformation disclosure or further attacks. (CVE-2017-12159)\n\n* It was found that libpam4j did not properly validate user accounts\nwhen authenticating. A user with a valid password for a disabled\naccount would be able to bypass security restrictions and possibly\naccess sensitive information. (CVE-2017-12197)\n\n* It was found that Keycloak oauth would permit an authenticated\nresource to obtain an access/refresh token pair from the\nauthentication server, permitting indefinite usage in the case of\npermission revocation. An attacker on an already compromised resource\ncould use this flaw to grant himself continued permissions and\npossibly conduct further attacks. (CVE-2017-12160)\n\nRed Hat would like to thank Mykhailo Stadnyk (Playtech) for reporting\nCVE-2017-12158; Prapti Mittal for reporting CVE-2017-12159; and Bart\nToersche (Simacan) for reporting CVE-2017-12160. The CVE-2017-12197\nissue was discovered by Christian Heimes (Red Hat).\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1825fcce\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-9970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12197\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rh-sso7-keycloak and / or rh-sso7-keycloak-server\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2905\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"rh-sso7-keycloak-2.5.14-1.Final_redhat_1.1.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"rh-sso7-keycloak-server-2.5.14-1.Final_redhat_1.1.jbcs.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-sso7-keycloak / rh-sso7-keycloak-server\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:56", "description": "An update for rh-sso7-keycloak is now available for Red Hat Single Sign-On 7.1 for RHEL 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.\n\nSecurity Fix(es) :\n\n* It was found that keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server. (CVE-2017-12158)\n\n* It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. (CVE-2017-12159)\n\n* It was found that libpam4j did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information. (CVE-2017-12197)\n\n* It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself continued permissions and possibly conduct further attacks. (CVE-2017-12160)\n\nRed Hat would like to thank Mykhailo Stadnyk (Playtech) for reporting CVE-2017-12158; Prapti Mittal for reporting CVE-2017-12159; and Bart Toersche (Simacan) for reporting CVE-2017-12160. The CVE-2017-12197 issue was discovered by Christian Heimes (Red Hat).", "cvss3": {}, "published": "2017-10-19T00:00:00", "type": "nessus", "title": "RHEL 6 : rh-sso7-keycloak (RHSA-2017:2904)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9970", "CVE-2017-12158", "CVE-2017-12159", "CVE-2017-12160", "CVE-2017-12197"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2017-2904.NASL", "href": "https://www.tenable.com/plugins/nessus/103956", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2904. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103956);\n script_version(\"3.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2014-9970\", \"CVE-2017-12158\", \"CVE-2017-12159\", \"CVE-2017-12160\", \"CVE-2017-12197\");\n script_xref(name:\"RHSA\", value:\"2017:2904\");\n\n script_name(english:\"RHEL 6 : rh-sso7-keycloak (RHSA-2017:2904)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for rh-sso7-keycloak is now available for Red Hat Single\nSign-On 7.1 for RHEL 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On is a standalone server, based on the Keycloak\nproject, that provides authentication and standards-based single\nsign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.1.3 serves as a replacement\nfor Red Hat Single Sign-On 7.1.2, and includes several bug fixes and\nenhancements. For further information, refer to the Release Notes\nlinked to in the References section.\n\nSecurity Fix(es) :\n\n* It was found that keycloak would accept a HOST header URL in the\nadmin console and use it to determine web resource locations. An\nattacker could use this flaw against an authenticated user to attain\nreflected XSS via a malicious server. (CVE-2017-12158)\n\n* It was found that the cookie used for CSRF prevention in Keycloak\nwas not unique to each session. An attacker could use this flaw to\ngain access to an authenticated user session, leading to possible\ninformation disclosure or further attacks. (CVE-2017-12159)\n\n* It was found that libpam4j did not properly validate user accounts\nwhen authenticating. A user with a valid password for a disabled\naccount would be able to bypass security restrictions and possibly\naccess sensitive information. (CVE-2017-12197)\n\n* It was found that Keycloak oauth would permit an authenticated\nresource to obtain an access/refresh token pair from the\nauthentication server, permitting indefinite usage in the case of\npermission revocation. An attacker on an already compromised resource\ncould use this flaw to grant himself continued permissions and\npossibly conduct further attacks. (CVE-2017-12160)\n\nRed Hat would like to thank Mykhailo Stadnyk (Playtech) for reporting\nCVE-2017-12158; Prapti Mittal for reporting CVE-2017-12159; and Bart\nToersche (Simacan) for reporting CVE-2017-12160. The CVE-2017-12197\nissue was discovered by Christian Heimes (Red Hat).\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1825fcce\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-9970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12197\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rh-sso7-keycloak and / or rh-sso7-keycloak-server\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2904\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"rh-sso7-keycloak-2.5.14-1.Final_redhat_1.1.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rh-sso7-keycloak-server-2.5.14-1.Final_redhat_1.1.jbcs.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-sso7-keycloak / rh-sso7-keycloak-server\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:17", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the 'InResponseTo' field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {}, "published": "2017-09-28T00:00:00", "type": "nessus", "title": "RHEL 7 : JBoss EAP (RHSA-2017:2808)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9970", "CVE-2015-6644", "CVE-2017-2582", "CVE-2017-5645", "CVE-2017-7536"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-artemis-native", "p-cpe:/a:redhat:enterprise_linux:eap7-artemis-native-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-jasypt", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jms-api_2.0_spec", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-appclient", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-common", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ear", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ejb", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-web", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remote-naming", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-log4j-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules"], "id": "REDHAT-RHSA-2017-2808.NASL", "href": "https://www.tenable.com/plugins/nessus/103526", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2808. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103526);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2014-9970\", \"CVE-2015-6644\", \"CVE-2017-2582\", \"CVE-2017-5645\", \"CVE-2017-7536\");\n script_xref(name:\"RHSA\", value:\"2017:2808\");\n\n script_name(english:\"RHEL 7 : JBoss EAP (RHSA-2017:2808)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.0.7, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server\nthe log4j server would deserialize any log event received via TCP or\nUDP. An attacker could use this flaw to send a specially crafted log\nevent that, during deserialization, would execute arbitrary code in\nthe context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to\nperform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle\ncould enable a local malicious application to gain access to user's\nprivate information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil\nclass of Picketlink replaces special strings for obtaining attribute\nvalues with system property. This could allow an attacker to determine\nvalues of system properties at the attacked system by formatting the\nSAML request ID field to be the chosen system property which could be\nobtained in the 'InResponseTo' field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective\npermissions, which allows it to access the private members of the\nclass, are granted to Hibernate Validator, a potential privilege\nescalation can occur. By allowing the calling code to access those\nprivate members without the permission an attacker may be able to\nvalidate an invalid instance and access the private member value via\nConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and\nthe CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2808\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-9970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-6644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-2582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7536\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-artemis-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-artemis-native-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jasypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jms-api_2.0_spec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remote-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-log4j-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2808\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"eap7-artemis-native-1.1.0-13.redhat_4.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"eap7-artemis-native-wildfly-1.1.0-13.redhat_4.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-bouncycastle-1.56.0-3.redhat_2.2.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-bouncycastle-mail-1.56.0-3.redhat_2.2.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-bouncycastle-pkix-1.56.0-3.redhat_2.2.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-bouncycastle-prov-1.56.0-3.redhat_2.2.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-validator-5.2.5-2.Final_redhat_2.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-validator-cdi-5.2.5-2.Final_redhat_2.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jasypt-1.9.2-2.redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-jms-api_2.0_spec-1.0.1-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-logmanager-2.0.7-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-metadata-10.0.2-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-metadata-appclient-10.0.2-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-metadata-common-10.0.2-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-metadata-ear-10.0.2-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-metadata-ejb-10.0.2-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-metadata-web-10.0.2-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-remote-naming-2.0.5-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-remoting-4.0.24-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-log4j-jboss-logmanager-1.1.4-2.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-api-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-bindings-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-common-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-config-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-federation-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-api-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-impl-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-simple-schema-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-impl-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-wildfly8-2.5.5-9.SP8_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-undertow-1.3.31-1.Final_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-7.0.8-4.GA_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-javadocs-7.0.8-1.GA_redhat_1.1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-modules-7.0.8-4.GA_redhat_1.1.ep7.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-artemis-native / eap7-artemis-native-wildfly / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:55", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the 'InResponseTo' field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {}, "published": "2017-09-28T00:00:00", "type": "nessus", "title": "RHEL 6 : JBoss EAP (RHSA-2017:2809)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9970", "CVE-2015-6644", "CVE-2017-2582", "CVE-2017-5645", "CVE-2017-7536"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-artemis-native", "p-cpe:/a:redhat:enterprise_linux:eap7-artemis-native-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix", "p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi", "p-cpe:/a:redhat:enterprise_linux:eap7-jasypt", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ear", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jms-api_2.0_spec", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ejb", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-appclient", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-web", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-common", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remote-naming", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-log4j-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2017-2809.NASL", "href": "https://www.tenable.com/plugins/nessus/103527", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2809. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103527);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2014-9970\", \"CVE-2015-6644\", \"CVE-2017-2582\", \"CVE-2017-5645\", \"CVE-2017-7536\");\n script_xref(name:\"RHSA\", value:\"2017:2809\");\n\n script_name(english:\"RHEL 6 : JBoss EAP (RHSA-2017:2809)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.0 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.8\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.0.7, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server\nthe log4j server would deserialize any log event received via TCP or\nUDP. An attacker could use this flaw to send a specially crafted log\nevent that, during deserialization, would execute arbitrary code in\nthe context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to\nperform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle\ncould enable a local malicious application to gain access to user's\nprivate information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil\nclass of Picketlink replaces special strings for obtaining attribute\nvalues with system property. This could allow an attacker to determine\nvalues of system properties at the attacked system by formatting the\nSAML request ID field to be the chosen system property which could be\nobtained in the 'InResponseTo' field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective\npermissions, which allows it to access the private members of the\nclass, are granted to Hibernate Validator, a potential privilege\nescalation can occur. By allowing the calling code to access those\nprivate members without the permission an attacker may be able to\nvalidate an invalid instance and access the private member value via\nConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and\nthe CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2809\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-9970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-6644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-2582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7536\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-artemis-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-artemis-native-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jasypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jms-api_2.0_spec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remote-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-log4j-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2809\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"eap7-artemis-native-1.1.0-13.redhat_4.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"eap7-artemis-native-1.1.0-13.redhat_4.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"eap7-artemis-native-wildfly-1.1.0-13.redhat_4.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"eap7-artemis-native-wildfly-1.1.0-13.redhat_4.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-bouncycastle-1.56.0-3.redhat_2.2.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-bouncycastle-mail-1.56.0-3.redhat_2.2.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-bouncycastle-pkix-1.56.0-3.redhat_2.2.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-bouncycastle-prov-1.56.0-3.redhat_2.2.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-validator-5.2.5-2.Final_redhat_2.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-validator-cdi-5.2.5-2.Final_redhat_2.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jasypt-1.9.2-2.redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-jms-api_2.0_spec-1.0.1-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-logmanager-2.0.7-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-metadata-10.0.2-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-metadata-appclient-10.0.2-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-metadata-common-10.0.2-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-metadata-ear-10.0.2-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-metadata-ejb-10.0.2-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-metadata-web-10.0.2-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-remote-naming-2.0.5-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-remoting-4.0.24-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-log4j-jboss-logmanager-1.1.4-2.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-api-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-bindings-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-common-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-config-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-federation-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-api-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-impl-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-simple-schema-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-impl-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-wildfly8-2.5.5-9.SP8_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-undertow-1.3.31-1.Final_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-7.0.8-4.GA_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-javadocs-7.0.8-1.GA_redhat_1.1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-modules-7.0.8-4.GA_redhat_1.1.ep7.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-artemis-native / eap7-artemis-native-wildfly / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:39:45", "description": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.", "cvss3": {}, "published": "2017-09-08T00:00:00", "type": "nessus", "title": "RHEL 6 : jboss-ec2-eap (RHSA-2017:2638)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7525", "CVE-2019-17571"], "modified": "2020-05-08T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jboss-ec2-eap", "p-cpe:/a:redhat:enterprise_linux:jboss-ec2-eap-samples", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2017-2638.NASL", "href": "https://www.tenable.com/plugins/nessus/103044", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2638. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103044);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/08\");\n\n script_cve_id(\"CVE-2017-5645\", \"CVE-2017-5664\", \"CVE-2017-7525\", \"CVE-2019-17571\");\n script_xref(name:\"RHSA\", value:\"2017:2638\");\n script_xref(name:\"IAVA\", value:\"2020-A-0008-S\");\n\n script_name(english:\"RHEL 6 : jboss-ec2-eap (RHSA-2017:2638)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for jboss-ec2-eap is now available for Red Hat JBoss\nEnterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe jboss-ec2-eap packages provide scripts for Red Hat JBoss\nEnterprise Application Platform running on the Amazon Web Services\n(AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure\ncompatibility with Red Hat JBoss Enterprise Application Platform\n6.4.17.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server\nthe log4j server would deserialize any log event received via TCP or\nUDP. An attacker could use this flaw to send a specially crafted log\nevent that, during deserialization, would execute arbitrary code in\nthe context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in\nTomcat's DefaultServlet implementation. A crafted HTTP request could\ncause undesired side effects, possibly including the removal or\nreplacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which\ncould allow an unauthenticated user to perform code execution by\nsending the maliciously crafted input to the readValue method of the\nObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525.\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-17571\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected jboss-ec2-eap and / or jboss-ec2-eap-samples\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-ec2-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-ec2-eap-samples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/08\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2638\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-ec2-eap-7.5.17-1.Final_redhat_4.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-ec2-eap-samples-7.5.17-1.Final_redhat_4.ep6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jboss-ec2-eap / jboss-ec2-eap-samples\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-03T14:29:34", "description": "The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4741-1 advisory.\n\n - A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n - A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously. (CVE-2017-15095)\n\n - A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes. (CVE-2019-10172)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-23T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Jackson vulnerabilities (USN-4741-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-3720", "CVE-2017-15095", "CVE-2017-7525", "CVE-2019-10172"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libjackson-json-java"], "id": "UBUNTU_USN-4741-1.NASL", "href": "https://www.tenable.com/plugins/nessus/147976", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4741-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147976);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2017-7525\", \"CVE-2017-15095\", \"CVE-2019-10172\");\n script_xref(name:\"USN\", value:\"4741-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Jackson vulnerabilities (USN-4741-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4741-1 advisory.\n\n - A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9,\n which could allow an unauthenticated user to perform code execution by sending the maliciously crafted\n input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n - A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which\n could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to\n the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by\n blacklisting more classes that could be used maliciously. (CVE-2017-15095)\n\n - A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity\n vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different\n classes. (CVE-2019-10172)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4741-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libjackson-json-java package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7525\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjackson-json-java\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'libjackson-json-java', 'pkgver': '1.9.2-7ubuntu0.2'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjackson-json-java');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:39:46", "description": "An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.8.\n\nRefer to the JBoss Enterprise Application Platform 7.0.8 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the 'InResponseTo' field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and the CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).", "cvss3": {}, "published": "2017-09-27T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2017:2811)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9970", "CVE-2015-6644", "CVE-2017-2582", "CVE-2017-5645", "CVE-2017-7536", "CVE-2019-17571"], "modified": "2020-05-08T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ec2-eap", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ec2-eap-samples", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2017-2811.NASL", "href": "https://www.tenable.com/plugins/nessus/103500", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2811. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103500);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/08\");\n\n script_cve_id(\"CVE-2014-9970\", \"CVE-2015-6644\", \"CVE-2017-2582\", \"CVE-2017-5645\", \"CVE-2017-7536\", \"CVE-2019-17571\");\n script_xref(name:\"RHSA\", value:\"2017:2811\");\n script_xref(name:\"IAVA\", value:\"2020-A-0008-S\");\n\n script_name(english:\"RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2017:2811)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss\nEnterprise Application Platform 7.0 for Red Hat Enterprise Linux 6 and\nRed Hat JBoss Enterprise Application Platform 7.0 for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss\nEnterprise Application Platform running on the Amazon Web Services\n(AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to\nensure compatibility with Red Hat JBoss Enterprise Application\nPlatform 7.0.8.\n\nRefer to the JBoss Enterprise Application Platform 7.0.8 Release\nNotes, linked to in the References section, for information on the\nmost significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es) :\n\n* It was found that when using remote logging with log4j socket server\nthe log4j server would deserialize any log event received via TCP or\nUDP. An attacker could use this flaw to send a specially crafted log\nevent that, during deserialization, would execute arbitrary code in\nthe context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to\nperform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle\ncould enable a local malicious application to gain access to user's\nprivate information. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil\nclass of Picketlink replaces special strings for obtaining attribute\nvalues with system property. This could allow an attacker to determine\nvalues of system properties at the attacked system by formatting the\nSAML request ID field to be the chosen system property which could be\nobtained in the 'InResponseTo' field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager's reflective\npermissions, which allows it to access the private members of the\nclass, are granted to Hibernate Validator, a potential privilege\nescalation can occur. By allowing the calling code to access those\nprivate members without the permission an attacker may be able to\nvalidate an invalid instance and access the private member value via\nConstraintViolation#getInvalidValue(). (CVE-2017-7536)\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat) and\nthe CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat).\"\n );\n # https://access.redhat.com/documentation/en/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-9970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-6644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-2582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-17571\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected eap7-jboss-ec2-eap and / or\neap7-jboss-ec2-eap-samples packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ec2-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ec2-eap-samples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/27\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2811\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-ec2-eap-7.0.8-1.GA_redhat_1.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-ec2-eap-samples-7.0.8-1.GA_redhat_1.ep7.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-ec2-eap-7.0.8-1.GA_redhat_1.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-ec2-eap-samples-7.0.8-1.GA_redhat_1.ep7.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-jboss-ec2-eap / eap7-jboss-ec2-eap-samples\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhatcve": [{"lastseen": "2022-04-02T14:46:27", "description": "A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-02T16:18:21", "type": "redhatcve", "title": "CVE-2014-9970", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970"], "modified": "2022-04-02T09:43:32", "id": "RH:CVE-2014-9970", "href": "https://access.redhat.com/security/cve/cve-2014-9970", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-04-02T14:44:53", "description": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.\n#### Mitigation\n\nMitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to <https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true> \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-04T05:14:31", "type": "redhatcve", "title": "CVE-2017-7525", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2022-04-02T10:52:58", "id": "RH:CVE-2017-7525", "href": "https://access.redhat.com/security/cve/cve-2017-7525", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-12-31T09:10:49", "description": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.\n#### Mitigation\n\nAdvice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here: \n\n\n<https://access.redhat.com/solutions/3279231> \n<https://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization> \n\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control \n* `enableDefaultTyping()` \n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS` \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-06T11:49:47", "type": "redhatcve", "title": "CVE-2018-7489", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2022-12-31T05:45:17", "id": "RH:CVE-2018-7489", "href": "https://access.redhat.com/security/cve/cve-2018-7489", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-07T11:11:38", "description": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.\n#### Mitigation\n\nMitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to <https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true> \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-17T23:47:49", "type": "redhatcve", "title": "CVE-2017-15095", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2022-07-07T09:09:15", "id": "RH:CVE-2017-15095", "href": "https://access.redhat.com/security/cve/cve-2017-15095", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-07T11:11:24", "description": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-09T07:26:09", "type": "redhatcve", "title": "CVE-2017-17485", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525"], "modified": "2022-07-07T09:16:02", "id": "RH:CVE-2017-17485", "href": "https://access.redhat.com/security/cve/cve-2017-17485", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-07T11:11:11", "description": "A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaws CVE-2017-7525 and CVE-2017-17485 by blacklisting more classes that could be used maliciously.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-09T12:20:28", "type": "redhatcve", "title": "CVE-2018-5968", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525", "CVE-2018-5968"], "modified": "2022-07-07T11:01:16", "id": "RH:CVE-2018-5968", "href": "https://access.redhat.com/security/cve/cve-2018-5968", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2023-03-28T05:36:20", "description": "jasypt before 1.9.2 allows a timing attack against the password hash comparison.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-14T03:44:52", "type": "osv", "title": "Exposure of Sensitive Information to an Unauthorized Actor in Apache Jasypt", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970"], "modified": "2023-03-28T05:36:17", "id": "OSV:GHSA-R5C2-RXH2-F5H2", "href": "https://osv.dev/vulnerability/GHSA-r5c2-rxh2-f5h2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-21T08:11:58", "description": "\nIn Apache Batik before 1.9, files lying on the filesystem of the server\nwhich uses batik can be revealed to arbitrary users who send maliciously\nformed SVG files. The file types that can be shown depend on the user\ncontext in which the exploitable application is running. If the user is\nroot a full compromise of the server - including confidential or\nsensitive files - would be possible. XXE can also be used to attack the\navailability of the server via denial of service as the references\nwithin a xml document can trivially trigger an amplification attack.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n1.7+dfsg-3+deb7u2.\n\n\nWe recommend that you upgrade your batik packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.2}, "published": "2017-04-29T00:00:00", "type": "osv", "title": "batik - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2022-07-21T05:55:00", "id": "OSV:DLA-926-1", "href": "https://osv.dev/vulnerability/DLA-926-1", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2022-07-05T02:11:55", "description": "In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.2}, "published": "2022-05-13T01:14:24", "type": "osv", "title": "Improper Restriction of XML External Entity Reference in Apache Batik", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2022-07-01T11:55:03", "id": "OSV:GHSA-QWGX-59JW-QFG9", "href": "https://osv.dev/vulnerability/GHSA-qwgx-59jw-qfg9", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2022-08-10T07:12:40", "description": "\nLiao Xinxi discovered that jackson-databind, a Java library used to\nparse JSON and other data formats, did not properly validate user\ninput before attemtping deserialization. This allowed an attacker to\nperform code execution by providing maliciously crafted input.\n\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 2.4.2-2+deb8u1.\n\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8.6-1+deb9u1.\n\n\nWe recommend that you upgrade your jackson-databind packages.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-10-20T00:00:00", "type": "osv", "title": "jackson-databind - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2022-08-10T07:12:36", "id": "OSV:DSA-4004-1", "href": "https://osv.dev/vulnerability/DSA-4004-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:24:17", "description": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-16T17:21:35", "type": "osv", "title": "A deserialization flaw was discovered in the jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2023-04-11T01:24:07", "id": "OSV:GHSA-QXXX-2PP7-5HMX", "href": "https://osv.dev/vulnerability/GHSA-qxxx-2pp7-5hmx", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:23:57", "description": "\nMan Yue Mo, Lars Krapf and Pierre Ernst discovered that Batik, a\ntoolkit for processing SVG images, did not properly validate its\ninput. This would allow an attacker to cause a denial-of-service,\nmount cross-site scripting attacks, or access restricted files on the\nserver.\n\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 1.7+dfsg-5+deb8u1.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.8-4+deb9u1.\n\n\nWe recommend that you upgrade your batik packages.\n\n\nFor the detailed security status of batik please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/batik>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-02T00:00:00", "type": "osv", "title": "batik - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662", "CVE-2018-8013"], "modified": "2022-07-21T05:49:52", "id": "OSV:DSA-4215-1", "href": "https://osv.dev/vulnerability/DSA-4215-1", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2022-08-10T07:13:41", "description": "\nIt was discovered that jackson-databind, a Java library used to parse\nJSON and other data formats, improperly validated user input prior to\ndeserializing because of an incomplete fix for\n[\\\nCVE-2017-7525](https://security-tracker.debian.org/tracker/CVE-2017-7525).\n\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 2.4.2-2+deb8u4.\n\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8.6-1+deb9u4.\n\n\nWe recommend that you upgrade your jackson-databind packages.\n\n\nFor the detailed security status of jackson-databind please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/jackson-databind](https://security-tracker.debian.org/tracker/jackson-databind)\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-05-03T00:00:00", "type": "osv", "title": "jackson-databind - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7489", "CVE-2017-7525"], "modified": "2022-08-10T07:13:40", "id": "OSV:DSA-4190-1", "href": "https://osv.dev/vulnerability/DSA-4190-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:07:09", "description": "\nIt was discovered that jackson-databind, a Java library used to parse\nJSON and other data formats, improperly validated user input prior to\ndeserializing: following DSA-4004-1 for \n[\\\nCVE-2017-7525](https://security-tracker.debian.org/tracker/CVE-2017-7525), an additional set of classes was identified as unsafe \nfor deserialization.\n\n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 2.4.2-2+deb8u2.\n\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8.6-1+deb9u2.\n\n\nWe recommend that you upgrade your jackson-databind packages.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-11-16T00:00:00", "type": "osv", "title": "jackson-databind - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2017-15095"], "modified": "2022-08-10T07:07:07", "id": "OSV:DSA-4037-1", "href": "https://osv.dev/vulnerability/DSA-4037-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:27:07", "description": "jackson-databind in versions prior to 2.8.10 and 2.9.1, contain a deserialization flaw which allows an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525, blacklisting additonal vulnerable classes.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-18T17:42:34", "type": "osv", "title": "jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2023-04-11T01:27:04", "id": "OSV:GHSA-H592-38CM-4GGP", "href": "https://osv.dev/vulnerability/GHSA-h592-38cm-4ggp", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:25:21", "description": "FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-16T17:45:18", "type": "osv", "title": "FasterXML jackson-databind allows unauthenticated remote code execution ", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2023-04-11T01:25:17", "id": "OSV:GHSA-CGGJ-FVV3-CQWV", "href": "https://osv.dev/vulnerability/GHSA-cggj-fvv3-cqwv", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:27:12", "description": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-18T17:42:48", "type": "osv", "title": "jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525"], "modified": "2023-04-11T01:26:37", "id": "OSV:GHSA-RFX6-VP9G-RH7V", "href": "https://osv.dev/vulnerability/GHSA-rfx6-vp9g-rh7v", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:38:45", "description": "FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-30T20:40:50", "type": "osv", "title": "Deserialization of Untrusted Data in jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525", "CVE-2018-5968"], "modified": "2023-04-11T01:38:39", "id": "OSV:GHSA-W3F4-3Q6J-RH82", "href": "https://osv.dev/vulnerability/GHSA-w3f4-3q6j-rh82", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T05:19:03", "description": "\nSeveral vulnerabilities were fixed in libjackson-json-java.\n\n\n* [CVE-2017-7525](https://security-tracker.debian.org/tracker/CVE-2017-7525)\nJackson Deserializer security vulnerability.\n* [CVE-2017-15095](https://security-tracker.debian.org/tracker/CVE-2017-15095)\nBlock more JDK types from polymorphic deserialization.\n* [CVE-2019-10172](https://security-tracker.debian.org/tracker/CVE-2019-10172)\nXML external entity vulnerabilities.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n1.9.2-3+deb8u1.\n\n\nWe recommend that you upgrade your libjackson-json-java packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-31T00:00:00", "type": "osv", "title": "libjackson-json-java - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2019-10172", "CVE-2017-15095"], "modified": "2022-08-05T05:18:42", "id": "OSV:DLA-2091-1", "href": "https://osv.dev/vulnerability/DLA-2091-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T05:19:21", "description": "\nSeveral vulnerabilities were fixed in libjackson-json-java,\na Java JSON processor.\n\n\n* [CVE-2017-7525](https://security-tracker.debian.org/tracker/CVE-2017-7525)\nJackson Deserializer security vulnerability.\n* [CVE-2017-15095](https://security-tracker.debian.org/tracker/CVE-2017-15095)\nBlock more JDK types from polymorphic deserialization.\n* [CVE-2019-10172](https://security-tracker.debian.org/tracker/CVE-2019-10172)\nXML external entity vulnerabilities.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.9.2-8+deb9u1.\n\n\nWe recommend that you upgrade your libjackson-json-java packages.\n\n\nFor the detailed security status of libjackson-json-java please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/libjackson-json-java>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-24T00:00:00", "type": "osv", "title": "libjackson-json-java - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2019-10172", "CVE-2017-15095"], "modified": "2022-08-05T05:18:52", "id": "OSV:DLA-2342-1", "href": "https://osv.dev/vulnerability/DLA-2342-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2023-04-18T16:25:52", "description": "jasypt is vulnerable to timing attacks. The attacks are possible because it uses `Arrays.equals` to verify passwords with different lengths, thereby revealing the time taken to compare the passwords.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-22T02:30:24", "type": "veracode", "title": "Timing Attack", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970"], "modified": "2019-05-15T06:18:11", "id": "VERACODE:4267", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-4267/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-04-18T13:57:15", "description": "jasypt is vulnerable to timing attacks. The attacks are possible because it uses `Arrays.equals` to verify passwords with different lengths, thereby revealing the time taken to compare the passwords.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-15T09:19:20", "type": "veracode", "title": "Timing Attack", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970"], "modified": "2019-05-15T06:18:11", "id": "VERACODE:12598", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-12598/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-04-18T16:10:38", "description": "Apache Batik is vulnerable to information disclosure through an external XML entity (XXE) vulnerability. The vulnerability is possible because it does not properly validate the file when handling a maliciously formed `SVG` file. Using this flaw, attackers can gain access to confidential information and private files. The XXE can also be used to trigger an XML entity expansion to consume all the system\u2019s memory, crashing it and causing a denial of service (DoS) condition.\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2017-04-19T01:00:17", "type": "veracode", "title": "Information Disclosure Through An External XML Entity (XXE) Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2020-10-21T01:10:31", "id": "VERACODE:3925", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3925/summary", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2023-04-18T16:09:27", "description": "Jackson-databind is vulnerable to remote code execution attacks. These attacks are possible during bean deserialization and attackers are able to execute code and commands.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-04-19T05:40:17", "type": "veracode", "title": "Remote Code Execution (RCE) Through Deserialization", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2022-04-12T18:43:12", "id": "VERACODE:3929", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3929/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:23:44", "description": "Jackson-databind is vulnerable to remote code execution (RCE) attacks. These attacks are possible during bean deserialization. Using this flaw attackers are able to execute code and commands. In order to be vulnerable to this attack, either the use of `@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)` or `@JsonTypeInfo(use = JsonTypeInfo.Id.MINIMAL_CLASS)` or a call to `ObjectMapper.enableDefaultTyping(...)` is needed.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-15T09:18:21", "type": "veracode", "title": "Remote Code Execution (RCE) Through Deserialization", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2022-04-12T18:43:12", "id": "VERACODE:12540", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-12540/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:24:07", "description": "jackson-databind is vulnerable to remote code execution. The application does not block the `blaze-ds-opt` and `blaze-ds-core` classes from polymorphic deserialization, which would allow a remote attacker to leverage this vulnerability to execute arbitrary code. This vulnerability is due to an incomplete fix for the CVE-2017-7525.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-03T02:29:19", "type": "veracode", "title": "Remote Code Execution (RCE)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-14719"], "modified": "2021-05-21T16:15:56", "id": "VERACODE:8105", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-8105/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T16:11:27", "description": "Jackson-databind is vulnerable to remote code execution (RCE) attacks. This is a follow-up similar attack of CVE-2017-7525. The attack is still possible because more dangerous classes were added in the later released versions and were not blacklisted.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-02T08:36:33", "type": "veracode", "title": "Remote Code Execution (RCE) Through Deserialization", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2021-02-23T00:26:25", "id": "VERACODE:5364", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-5364/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:23:09", "description": "Jackson-databind is vulnerable to remote code execution (RCE) attacks. This is a follow-up similar attack of CVE-2017-7525. The attack is still possible because more dangerous classes were added in the later released versions and were not blacklisted.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-15T09:19:49", "type": "veracode", "title": "Remote Code Execution (RCE) Through Deserialization", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2021-02-23T00:26:25", "id": "VERACODE:12634", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-12634/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:22:45", "description": "Jackson-databind is vulnerable to remote code execution (RCE) attacks. Attackers can exploit an incomplete fix of `CVE-2017-7525` to bypass the blacklist when Spring libraries are available on the class path. In order to be vulnerable to this attack, either the use of `@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)` or `@JsonTypeInfo(use = JsonTypeInfo.Id.MINIMAL_CLASS)` or a call to `ObjectMapper.enableDefaultTyping(...)` is needed.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-15T09:20:28", "type": "veracode", "title": "Remote Code Execution (RCE)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525"], "modified": "2021-01-19T17:27:47", "id": "VERACODE:12693", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-12693/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:24:11", "description": "jackson-databind is susceptible to deserialization of untrusted data. It is due to an incomplete fix for the CVE-2017-7525 which has classes which perform general-purpose data-binding functionality and tree-model for untrusted data.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-28T04:02:56", "type": "veracode", "title": "Deserialization Of Untrusted Data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-14718"], "modified": "2021-05-21T16:15:24", "id": "VERACODE:8090", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-8090/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:24:13", "description": "jackson-databind can deserialize untrusted data. The vulnerability is due to an incomplete fix for the CVE-2017-7525.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-28T05:45:32", "type": "veracode", "title": "Deserialization Of Untrusted Data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-14720"], "modified": "2021-01-25T07:33:46", "id": "VERACODE:8091", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-8091/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:24:16", "description": "jackson-databind can deserialize untrusted data. The vulnerability is due to an incomplete fix for the CVE-2017-7525.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2018-12-28T07:34:07", "type": "veracode", "title": "Deserialisation Of Untrusted Data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-14721"], "modified": "2021-01-25T07:36:08", "id": "VERACODE:8093", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-8093/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T15:27:40", "description": "Jackson-databind is vulnerable to remote code execution (RCE) attacks. Attackers can exploit an incomplete fix of `CVE-2017-7525` to bypass the blacklist when Spring libraries are available on the class path. In order to be vulnerable to this attack, either the use of `@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)` or `@JsonTypeInfo(use = JsonTypeInfo.Id.MINIMAL_CLASS)` or a call to `ObjectMapper.enableDefaultTyping(...)` is needed.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-11T02:20:08", "type": "veracode", "title": "Remote Code Execution (RCE)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525"], "modified": "2021-01-19T17:27:47", "id": "VERACODE:5684", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-5684/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T15:27:59", "description": "jackson-databind is vulnerable to remote code execution (RCE) attacks. Due to an incomplete fix for `CVE-2017-7525`, attackers can still send malicious code through JSON. The blacklist that was implemented, didn't take into account the `c3p0` gadgets available in the classpath.In order to be vulnerable to this attack, either the use of `@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)` or `@JsonTypeInfo(use = JsonTypeInfo.Id.MINIMAL_CLASS)` or a call to `ObjectMapper.enableDefaultTyping(...)` is needed.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-27T02:43:42", "type": "veracode", "title": "Remote Code Execution (RCE)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2021-03-25T05:44:15", "id": "VERACODE:5854", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-5854/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T15:29:33", "description": "jackson-databind is vulnerable to remote code execution (RCE) attacks. Attackers can exploit an incomplete fix of `CVE-2017-7525` and `CVE-2017-17485` to bypass the blacklist during Jackson deserialization. In order to be vulnerable to this attack, either the use of `@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)` or `@JsonTypeInfo(use = JsonTypeInfo.Id.MINIMAL_CLASS)` or a call to `ObjectMapper.enableDefaultTyping(...)` is needed.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-22T07:53:13", "type": "veracode", "title": "Remote Code Execution (RCE)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525", "CVE-2018-5968"], "modified": "2021-01-21T17:32:20", "id": "VERACODE:5732", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-5732/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-06-07T10:38:50", "description": "jasypt before 1.9.2 allows a timing attack against the password hash comparison.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-21T18:29:00", "type": "cve", "title": "CVE-2014-9970", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970"], "modified": "2018-02-14T02:29:00", "cpe": ["cpe:/a:jasypt_project:jasypt:1.9.1"], "id": "CVE-2014-9970", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9970", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:jasypt_project:jasypt:1.9.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:22:29", "description": "In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2017-04-18T14:59:00", "type": "cve", "title": "CVE-2017-5662", "cwe": ["CWE-611"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2020-10-20T22:15:00", "cpe": ["cpe:/a:apache:batik:1.8"], "id": "CVE-2017-5662", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5662", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}, "cpe23": ["cpe:2.3:a:apache:batik:1.8:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:27:34", "description": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-06T15:29:00", "type": "cve", "title": "CVE-2017-7525", "cwe": ["CWE-184"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2022-04-12T16:17:00", "cpe": ["cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.6.0.0", "cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0", "cpe:/a:oracle:banking_platform:2.6.0", "cpe:/a:oracle:banking_platform:2.6.1", "cpe:/a:oracle:primavera_unifier:16.2", "cpe:/a:oracle:enterprise_manager_for_virtualization:13.3.1", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.3.0.0", "cpe:/a:oracle:communications_billing_and_revenue_management:7.5", "cpe:/a:fasterxml:jackson-databind:2.9.0", "cpe:/a:oracle:primavera_unifier:18.8", "cpe:/a:oracle:enterprise_manager_for_virtualization:13.2.3", "cpe:/a:redhat:openshift_container_platform:4.1", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.5.0.0", "cpe:/a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1.2.0", "cpe:/a:netapp:oncommand_performance_manager:-", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0.0", "cpe:/a:oracle:webcenter_portal:12.2.1.3.0", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.2.0.0", "cpe:/a:oracle:banking_platform:2.5.0", "cpe:/a:oracle:communications_communications_policy_management:12.5.2", "cpe:/a:redhat:jboss_enterprise_application_platform:7.0", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.4.0.0", "cpe:/a:netapp:oncommand_shift:-", "cpe:/a:redhat:jboss_enterprise_application_platform:7.1", "cpe:/a:redhat:openshift_container_platform:3.11", "cpe:/a:oracle:enterprise_manager_for_virtualization:13.2.2", "cpe:/a:oracle:communications_billing_and_revenue_management:12.0", "cpe:/a:netapp:oncommand_balance:-", "cpe:/a:oracle:primavera_unifier:17.12", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:redhat:jboss_enterprise_application_platform:6.4.0", "cpe:/a:netapp:snapcenter:-", "cpe:/a:oracle:primavera_unifier:16.1", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1", "cpe:/a:oracle:banking_platform:2.6.2", "cpe:/a:redhat:virtualization:4.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:redhat:virtualization_host:4.0"], "id": "CVE-2017-7525", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7525", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:linux:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_communications_policy_management:12.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease1:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease2:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*"]}, {"lastseen": "2023-06-05T14:59:06", "description": "A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-06T15:29:00", "type": "cve", "title": "CVE-2017-15095", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2022-10-25T20:21:00", "cpe": ["cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.3", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.7", "cpe:/a:redhat:satellite:6.4", "cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0", "cpe:/a:oracle:banking_platform:2.6.0", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.2", "cpe:/a:oracle:banking_platform:2.6.1", "cpe:/a:oracle:primavera_unifier:16.2", "cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.5", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.4", "cpe:/a:oracle:enterprise_manager_for_virtualization:13.3.1", "cpe:/a:oracle:communications_billing_and_revenue_management:7.5", "cpe:/a:fasterxml:jackson-databind:2.9.0", "cpe:/a:oracle:primavera_unifier:18.8", "cpe:/a:oracle:enterprise_manager_for_virtualization:13.2.3", "cpe:/a:redhat:openshift_container_platform:4.1", "cpe:/a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1.2.0", "cpe:/a:redhat:satellite_capsule:6.4", "cpe:/a:netapp:oncommand_performance_manager:-", "cpe:/a:oracle:webcenter_portal:12.2.1.3.0", "cpe:/a:oracle:banking_platform:2.5.0", "cpe:/a:oracle:database_server:12.2.0.1", "cpe:/a:netapp:oncommand_shift:-", "cpe:/a:oracle:identity_manager:12.2.1.3.0", "cpe:/a:redhat:openshift_container_platform:3.11", "cpe:/a:oracle:enterprise_manager_for_virtualization:13.2.2", "cpe:/a:oracle:communications_billing_and_revenue_management:12.0", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.6", "cpe:/a:netapp:oncommand_balance:-", "cpe:/a:oracle:primavera_unifier:17.12", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:redhat:jboss_enterprise_application_platform:6.4.0", "cpe:/a:oracle:clusterware:12.1.0.2.0", "cpe:/a:oracle:database_server:18.1", "cpe:/a:netapp:snapcenter:-", "cpe:/a:oracle:primavera_unifier:16.1", "cpe:/a:oracle:identity_manager:11.1.2.3.0", "cpe:/a:oracle:banking_platform:2.6.2", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:redhat:jboss_enterprise_application_platform:7.1.0"], "id": "CVE-2017-15095", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15095", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:clusterware:12.1.0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease4:*:*:*:*:*:*", "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease1:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease2:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:database_server:18.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:-:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_manager:11.1.2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:database_server:12.2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*", "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease3:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:linux:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*"]}, {"lastseen": "2023-06-05T15:06:32", "description": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-10T18:29:00", "type": "cve", "title": "CVE-2017-17485", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525"], "modified": "2021-01-19T15:51:00", "cpe": ["cpe:/a:netapp:snapcenter:-", "cpe:/a:redhat:openshift_container_platform:4.1", "cpe:/a:redhat:openshift_container_platform:3.11", "cpe:/a:netapp:e-series_santricity_web_services_proxy:-", "cpe:/a:netapp:e-series_santricity_os_controller:11.60.3", "cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0", "cpe:/a:netapp:oncommand_shift:-", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:redhat:jboss_enterprise_application_platform:6.4.0", "cpe:/a:redhat:jboss_enterprise_application_platform:7.1"], "id": "CVE-2017-17485", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17485", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T15:09:26", "description": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-26T15:29:00", "type": "cve", "title": "CVE-2018-7489", "cwe": ["CWE-502", "CWE-184"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2021-03-25T01:15:00", "cpe": ["cpe:/a:redhat:jboss_enterprise_application_platform:6.4.19", "cpe:/a:redhat:jboss_enterprise_application_platform:7.1.2", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:oracle:communications_billing_and_revenue_management:12.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:oracle:communications_billing_and_revenue_management:7.5"], "id": "CVE-2018-7489", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7489", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.19:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T15:03:48", "description": "FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-22T04:29:00", "type": "cve", "title": "CVE-2018-5968", "cwe": ["CWE-502", "CWE-184"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525", "CVE-2018-5968"], "modified": "2021-01-21T16:22:00", "cpe": ["cpe:/a:redhat:jboss_enterprise_application_platform:7.1", "cpe:/a:netapp:e-series_santricity_web_services_proxy:-", "cpe:/a:redhat:virtualization:4.0", "cpe:/a:redhat:openshift_container_platform:3.11", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:netapp:oncommand_shift:-", "cpe:/a:redhat:openshift_container_platform:4.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:netapp:e-series_santricity_os_controller:11.60.3", "cpe:/a:redhat:virtualization_host:4.0"], "id": "CVE-2018-5968", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5968", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}], "github": [{"lastseen": "2023-06-07T11:13:24", "description": "jasypt before 1.9.2 allows a timing attack against the password hash comparison.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-14T03:44:52", "type": "github", "title": "Exposure of Sensitive Information to an Unauthorized Actor in Apache Jasypt", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970"], "modified": "2023-01-27T05:02:26", "id": "GHSA-R5C2-RXH2-F5H2", "href": "https://github.com/advisories/GHSA-r5c2-rxh2-f5h2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-05T17:17:53", "description": "In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2022-05-13T01:14:24", "type": "github", "title": "Improper Restriction of XML External Entity Reference in Apache Batik", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2023-01-27T05:02:09", "id": "GHSA-QWGX-59JW-QFG9", "href": "https://github.com/advisories/GHSA-qwgx-59jw-qfg9", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2023-06-05T17:19:17", "description": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-16T17:21:35", "type": "github", "title": "A deserialization flaw was discovered in the jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2023-02-01T05:04:09", "id": "GHSA-QXXX-2PP7-5HMX", "href": "https://github.com/advisories/GHSA-qxxx-2pp7-5hmx", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T17:19:14", "description": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-18T17:42:48", "type": "github", "title": "jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525"], "modified": "2023-01-31T05:03:28", "id": "GHSA-RFX6-VP9G-RH7V", "href": "https://github.com/advisories/GHSA-rfx6-vp9g-rh7v", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T17:19:14", "description": "jackson-databind in versions prior to 2.8.10 and 2.9.1, contain a deserialization flaw which allows an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525, blacklisting additonal vulnerable classes.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-18T17:42:34", "type": "github", "title": "jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2023-01-29T05:06:33", "id": "GHSA-H592-38CM-4GGP", "href": "https://github.com/advisories/GHSA-h592-38cm-4ggp", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T17:14:39", "description": "FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-16T17:45:18", "type": "github", "title": "FasterXML jackson-databind allows unauthenticated remote code execution ", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2023-02-01T05:03:45", "id": "GHSA-CGGJ-FVV3-CQWV", "href": "https://github.com/advisories/GHSA-cggj-fvv3-cqwv", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T17:14:23", "description": "FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-30T20:40:50", "type": "github", "title": "Deserialization of Untrusted Data in jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525", "CVE-2018-5968"], "modified": "2023-02-01T05:04:08", "id": "GHSA-W3F4-3Q6J-RH82", "href": "https://github.com/advisories/GHSA-w3f4-3q6j-rh82", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-06-07T14:34:23", "description": "jasypt before 1.9.2 allows a timing attack against the password hash\ncomparison.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-21T00:00:00", "type": "ubuntucve", "title": "CVE-2014-9970", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970"], "modified": "2017-05-21T00:00:00", "id": "UB:CVE-2014-9970", "href": "https://ubuntu.com/security/CVE-2014-9970", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:13:06", "description": "In Apache Batik before 1.9, files lying on the filesystem of the server\nwhich uses batik can be revealed to arbitrary users who send maliciously\nformed SVG files. The file types that can be shown depend on the user\ncontext in which the exploitable application is running. If the user is\nroot a full compromise of the server - including confidential or sensitive\nfiles - would be possible. XXE can also be used to attack the availability\nof the server via denial of service as the references within a xml document\ncan trivially trigger an amplification attack.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2017-04-18T00:00:00", "type": "ubuntucve", "title": "CVE-2017-5662", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2017-04-18T00:00:00", "id": "UB:CVE-2017-5662", "href": "https://ubuntu.com/security/CVE-2017-5662", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2023-06-06T14:02:37", "description": "A deserialization flaw was discovered in the jackson-databind, versions\nbefore 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated\nuser to perform code execution by sending the maliciously crafted input to\nthe readValue method of the ObjectMapper.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1462702>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-06T00:00:00", "type": "ubuntucve", "title": "CVE-2017-7525", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2018-02-06T00:00:00", "id": "UB:CVE-2017-7525", "href": "https://ubuntu.com/security/CVE-2017-7525", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T14:02:39", "description": "A deserialization flaw was discovered in the jackson-databind in versions\nbefore 2.8.10 and 2.9.1, which could allow an unauthenticated user to\nperform code execution by sending the maliciously crafted input to the\nreadValue method of the ObjectMapper. This issue extends the previous flaw\nCVE-2017-7525 by blacklisting more classes that could be used maliciously.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-06T00:00:00", "type": "ubuntucve", "title": "CVE-2017-15095", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2018-02-06T00:00:00", "id": "UB:CVE-2017-15095", "href": "https://ubuntu.com/security/CVE-2017-15095", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T14:03:28", "description": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows\nunauthenticated remote code execution because of an incomplete fix for the\nCVE-2017-7525 deserialization flaw. This is exploitable by sending\nmaliciously crafted JSON input to the readValue method of the ObjectMapper,\nbypassing a blacklist that is ineffective if the Spring libraries are\navailable in the classpath.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[msalvatore](<https://launchpad.net/~msalvatore>) | The fix for CVE-2017-7525 has not yet been applied\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-10T00:00:00", "type": "ubuntucve", "title": "CVE-2017-17485", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525"], "modified": "2018-01-10T00:00:00", "id": "UB:CVE-2017-17485", "href": "https://ubuntu.com/security/CVE-2017-17485", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-07T14:24:04", "description": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x\nbefore 2.9.5 allows unauthenticated remote code execution because of an\nincomplete fix for the CVE-2017-7525 deserialization flaw. This is\nexploitable by sending maliciously crafted JSON input to the readValue\nmethod of the ObjectMapper, bypassing a blacklist that is ineffective if\nthe c3p0 libraries are available in the classpath.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891614>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-26T00:00:00", "type": "ubuntucve", "title": "CVE-2018-7489", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2018-02-26T00:00:00", "id": "UB:CVE-2018-7489", "href": "https://ubuntu.com/security/CVE-2018-7489", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-07T14:25:09", "description": "FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows\nunauthenticated remote code execution because of an incomplete fix for the\nCVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable\nvia two different gadgets that bypass a blacklist.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-22T00:00:00", "type": "ubuntucve", "title": "CVE-2018-5968", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525", "CVE-2018-5968"], "modified": "2018-01-22T00:00:00", "id": "UB:CVE-2018-5968", "href": "https://ubuntu.com/security/CVE-2018-5968", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-06-07T14:56:02", "description": "jasypt before 1.9.2 allows a timing attack against the password hash comparison.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-21T18:29:00", "type": "debiancve", "title": "CVE-2014-9970", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9970"], "modified": "2017-05-21T18:29:00", "id": "DEBIANCVE:CVE-2014-9970", "href": "https://security-tracker.debian.org/tracker/CVE-2014-9970", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-05T18:10:41", "description": "In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2017-04-18T14:59:00", "type": "debiancve", "title": "CVE-2017-5662", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2017-04-18T14:59:00", "id": "DEBIANCVE:CVE-2017-5662", "href": "https://security-tracker.debian.org/tracker/CVE-2017-5662", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2023-06-05T18:12:54", "description": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-06T15:29:00", "type": "debiancve", "title": "CVE-2017-7525", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2018-02-06T15:29:00", "id": "DEBIANCVE:CVE-2017-7525", "href": "https://security-tracker.debian.org/tracker/CVE-2017-7525", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T18:12:54", "description": "A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-06T15:29:00", "type": "debiancve", "title": "CVE-2017-15095", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2018-02-06T15:29:00", "id": "DEBIANCVE:CVE-2017-15095", "href": "https://security-tracker.debian.org/tracker/CVE-2017-15095", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T18:12:54", "description": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-10T18:29:00", "type": "debiancve", "title": "CVE-2017-17485", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525"], "modified": "2018-01-10T18:29:00", "id": "DEBIANCVE:CVE-2017-17485", "href": "https://security-tracker.debian.org/tracker/CVE-2017-17485", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T18:10:47", "description": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-26T15:29:00", "type": "debiancve", "title": "CVE-2018-7489", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525", "CVE-2018-7489"], "modified": "2018-02-26T15:29:00", "id": "DEBIANCVE:CVE-2018-7489", "href": "https://security-tracker.debian.org/tracker/CVE-2018-7489", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-06T18:10:47", "description": "FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-22T04:29:00", "type": "debiancve", "title": "CVE-2018-5968", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17485", "CVE-2017-7525", "CVE-2018-5968"], "modified": "2018-01-22T04:29:00", "id": "DEBIANCVE:CVE-2018-5968", "href": "https://security-tracker.debian.org/tracker/CVE-2018-5968", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "Batik is a Java(tm) technology based toolkit for applications that want to use images in the Scalable Vector Graphics (SVG) format for various purposes, such as viewing, generation or manipulation. ", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.2}, "published": "2017-05-10T03:55:54", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: batik-1.8-9.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2017-05-10T03:55:54", "id": "FEDORA:197B860617F0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UVNDHXPRCXGPC7QQOX5D24C3VDYCPP3J/", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Batik is a Java(tm) technology based toolkit for applications that want to use images in the Scalable Vector Graphics (SVG) format for various purposes, such as viewing, generation or manipulation. ", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.2}, "published": "2017-05-10T04:02:57", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: batik-1.8-9.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2017-05-10T04:02:57", "id": "FEDORA:B9464608783A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/K4WKBRZRWAT3FMRALOUZ3HZOQCO3LIXQ/", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Batik is a Java(tm) technology based toolkit for applications that want to use images in the Scalable Vector Graphics (SVG) format for various purposes, such as viewing, generation or manipulation. ", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.2}, "published": "2017-05-09T21:29:07", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: batik-1.9-3.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5662"], "modified": "2017-05-09T21:29:07", "id": "FEDORA:CCD696079D01", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KPDLOK2DRJD3FVKIONDRJWLQNFR4MNWA/", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "General data-binding functionality for Jackson: works on core streaming API. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-07-31T19:19:46", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: jackson-databind-2.6.3-3.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2017-07-31T19:19:46", "id": "FEDORA:9B33E60E86E5", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CZTM7JEB4G74ZPXYZSQCSH3SC64D2MJF/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "General data-binding functionality for Jackson: works on core streaming API. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-08-11T23:54:29", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: jackson-databind-2.7.6-3.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2017-08-11T23:54:29", "id": "FEDORA:613766079706", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TS6VYF6FT3ZVKWPBSZMXAVXXKZRYIOFF/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "General data-binding functionality for Jackson: works on core streaming API. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-08-12T18:26:51", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: jackson-databind-2.7.6-3.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7525"], "modified": "2017-08-12T18:26:51", "id": "FEDORA:D17F86077DFD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WOZFIZO57G7LRXLM2S5I6IRFCSP6IJPW/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "General data-binding functionality for Jackson: works on core streaming API. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-11-15T20:23:08", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: jackson-databind-2.7.6-5.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-7525"], "modified": "2017-11-15T20:23:08", "id": "FEDORA:D74C160C9AD0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GKQQM3IDZU5F3QHCKEM5HPM2BHQDDWUT/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "General data-binding functionality for Jackson: works on core strea

(RHSA-2017:2546) Important: Red Hat JBoss BPM Suite 6.4.5 security update

Description

Related