10 matches found

Tenable Nessus
added 2024/05/11 12:0 a.m. | 13 views

RHEL 8 : infinispan (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - infinispan: Unsafe deserialization of malicious object injected into data cache CVE-2017-15089 Note that Nessus has...

7.4 AI score | 0.02881 EPSS
Exploits: 0 | References: 1

RedHat Linux
added 2020/06/15 4:8 p.m. | 88 views

Critical: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 12 security update

This is a security update for JBoss EAP Continuous Delivery 12.0. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8 CVSS | 7.3 AI score | 0.91896 EPSS
Exploits: 11 | References: 6

RedHat Linux
added 2019/06/04 2:33 p.m. | 104 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R12 security and bug fix update

An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8 CVSS | 7.4 AI score | 0.02881 EPSS
Exploits: 0 | References: 4

Check Point Advisories
added 2018/05/02 12:0 a.m. | 5 views

Red Hat JBoss Data Grid Hotrod Client Insecure Deserialization (CVE-2017-15089)

An insecure deserialization vulnerability exists in the Hotrod client that ships with Red Hat JBoss Data Grid. This vulnerability is due to the Hotrod client unsafely reading serialized data from the JBoss Data Grid cache...

6.5 CVSS | 1.6 AI score | 0.02881 EPSS
Exploits: 0

Tenable Nessus
added 2018/03/14 12:0 a.m. | 55 views

RHEL 6 : JBoss Enterprise Application Platform 7.1.1 on RHEL 6 (Important) (RHSA-2018:0479)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0479 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...

9.8 CVSS | 7.5 AI score | 0.49727 EPSS
Exploits: 7 | References: 20

RedHat Linux
added 2018/03/12 5:31 p.m. | 154 views

Important: Red Hat Security Advisory: jboss-ec2-eap package for EAP 7.1.1

An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.1.1 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.1.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impa...

9.8 CVSS | 6.7 AI score | 0.49727 EPSS
Exploits: 7 | References: 11

RedHat Linux
added 2018/03/12 5:4 p.m. | 124 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.1 on RHEL 6

An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.8 CVSS | 6.8 AI score | 0.49727 EPSS
Exploits: 7 | References: 11

RedHat Linux
added 2018/03/12 4:37 p.m. | 166 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.1 security update

An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8 CVSS | 6.8 AI score | 0.49727 EPSS
Exploits: 7 | References: 12

OSV
added 2018/02/15 5:29 p.m. | 35 views

CVE-2017-15089

It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks...

8.8 CVSS | 8.7 AI score
Exploits: 0 | References: 9

CVE
added 2018/02/15 5:0 p.m. | 137 views

CVE-2017-15089

The CVE-2017-15089 vulnerability affects the Infinispan Hotrod client: before version 9.2.0.CR1, deserialized data from the cache could be read unsafely, allowing an authenticated attacker to inject a malicious object and trigger client deserialization. Remediation is to upgrade to 9.2.0.CR1 or n...

8.8 CVSS | 8.2 AI score | 0.02881 EPSS
Exploits: 0 | References: 9 | Affected Software: 1