Lucene search

K
redhatRedHatRHSA-2018:2090
HistoryJun 27, 2018 - 2:46 p.m.

(RHSA-2018:2090) Moderate: Red Hat JBoss Enterprise Application Platform security update

2018-06-2714:46:20
access.redhat.com
114

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.936

Percentile

99.1%

Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.

This release of Red Hat JBoss Enterprise Application Platform 7.1.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

  • jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat6noarcheap7-activemq-artemis-native< 1.5.5.012-1.redhat_1.1.ep7.el6eap7-activemq-artemis-native-1.5.5.012-1.redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-jboss-server-migration-core< 1.0.6-3.Final_redhat_3.1.ep7.el6eap7-jboss-server-migration-core-1.0.6-3.Final_redhat_3.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-jboss-server-migration-wildfly9.0< 1.0.6-3.Final_redhat_3.1.ep7.el6eap7-jboss-server-migration-wildfly9.0-1.0.6-3.Final_redhat_3.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-activemq-artemis-jdbc-store< 1.5.5.012-1.redhat_1.1.ep7.el6eap7-activemq-artemis-jdbc-store-1.5.5.012-1.redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-ironjacamar-core-api< 1.4.9-1.Final_redhat_1.1.ep7.el6eap7-ironjacamar-core-api-1.4.9-1.Final_redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-ironjacamar-jdbc< 1.4.9-1.Final_redhat_1.1.ep7.el6eap7-ironjacamar-jdbc-1.4.9-1.Final_redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-activemq-artemis-jms-client< 1.5.5.012-1.redhat_1.1.ep7.el6eap7-activemq-artemis-jms-client-1.5.5.012-1.redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-ironjacamar-common-spi< 1.4.9-1.Final_redhat_1.1.ep7.el6eap7-ironjacamar-common-spi-1.4.9-1.Final_redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-jboss-logmanager< 2.0.10-1.Final_redhat_1.1.ep7.el6eap7-jboss-logmanager-2.0.10-1.Final_redhat_1.1.ep7.el6.noarch.rpm
RedHat6noarcheap7-picketlink-idm-api< 2.5.5-12.SP11_redhat_1.1.ep7.el6eap7-picketlink-idm-api-2.5.5-12.SP11_redhat_1.1.ep7.el6.noarch.rpm
Rows per page:
1-10 of 861

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.936

Percentile

99.1%