CVE-2016-6311

It was found that when issuing a GET request which results in a 302 redirect, and when the request header 'Host' field was not set, the response header field 'Location' contains the internal IP address of the server. An attacker could use this disclose information which they are not authorized to...

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.1.0 (RHSA-2017:3454)

"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3454 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Re...

RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2017:3458)

"The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3458 advisory. The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services AW...

Important: Red Hat Security Advisory: eap7-jboss-ec2-eap security update

An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact o...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.0 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.0 security update

An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVE-2016-6311

Get requests in JBoss Enterprise Application Platform EAP 7 disclose internal IP addresses to remote attackers...

CVE-2016-6311

CVE-2016-6311 affects Red Hat JBoss Enterprise Application Platform 7.1.x. The issue is an information disclosure where a GET request that results in a 302 redirect and lacks a Host header causes the Location response header to reveal the server’s internal IP address. This could let an unauthenti...

CVE-2016-6311

Get requests in JBoss Enterprise Application Platform EAP 7 disclose internal IP addresses to remote attackers...