Jboss Fuse@6.0.0 Security Vulnerabilities and Issues — Jboss Fuse@6.0.0 CVE List

Lucene search

RedhatJboss Fuse6.0.0

3 matches found

CVE•added 2018/04/18 1:29 a.m.•442 views

CVE-2017-12196

undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the des...

5.9CVSS5.6AI score0.00401EPSS

CVE•added 2018/08/01 2:29 p.m.•61 views

CVE-2016-8648

It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain d...

7.2CVSS7.3AI score0.00536EPSS

CVE•added 2018/08/01 2:29 p.m.•50 views

CVE-2016-8653

It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack.

5.3CVSS5.2AI score0.00345EPSS