Lucene search

K
redhatRedHatRHSA-2018:2090
HistoryJun 27, 2018 - 2:46 p.m.

(RHSA-2018:2090) Moderate: Red Hat JBoss Enterprise Application Platform security update

2018-06-2714:46:20
access.redhat.com
108

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.951 High

EPSS

Percentile

99.3%

Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.

This release of Red Hat JBoss Enterprise Application Platform 7.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

  • jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat6noarcheap7-jboss-server-migration-core< 1.0.6-3.Final_redhat_3.1.ep7.el6eap7-jboss-server-migration-core-1.0.6-3.Final_redhat_3.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-ironjacamar-common-api< 1.4.9-1.Final_redhat_1.1.ep7.el6eap7-ironjacamar-common-api-1.4.9-1.Final_redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-jboss-server-migration-wildfly8.2-to-eap7.0< 1.0.6-3.Final_redhat_3.1.ep7.el6eap7-jboss-server-migration-wildfly8.2-to-eap7.0-1.0.6-3.Final_redhat_3.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-wildfly-naming-client< 1.0.8-1.Final_redhat_1.1.ep7.el6eap7-wildfly-naming-client-1.0.8-1.Final_redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-hibernate< 5.1.14-1.Final_redhat_1.1.ep7.el6eap7-hibernate-5.1.14-1.Final_redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-jboss-server-migration-wildfly10.0< 1.0.6-3.Final_redhat_3.1.ep7.el6eap7-jboss-server-migration-wildfly10.0-1.0.6-3.Final_redhat_3.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-picketlink-common< 2.5.5-12.SP11_redhat_1.1.ep7.el6eap7-picketlink-common-2.5.5-12.SP11_redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-jackson-databind< 2.8.11.1-1.redhat_1.1.ep7.el6eap7-jackson-databind-2.8.11.1-1.redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-jboss-server-migration-wildfly9.0< 1.0.6-3.Final_redhat_3.1.ep7.el6eap7-jboss-server-migration-wildfly9.0-1.0.6-3.Final_redhat_3.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-activemq-artemis-server< 1.5.5.012-1.redhat_1.1.ep7.el6eap7-activemq-artemis-server-1.5.5.012-1.redhat_1.1.ep7.el6.noarch.rpm
Rows per page:
1-10 of 861

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.951 High

EPSS

Percentile

99.3%