DATABASE RESOURCES PRICING ABOUT US

{"id": "UB:CVE-2019-10184", "vendorId": null, "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2019-10184", "description": "undertow before version 2.0.23.Final is vulnerable to an information leak\nissue. Web apps may have their directory structures predicted through\nrequests without trailing slashes via the api.", "published": "2019-07-25T00:00:00", "modified": "2019-07-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://ubuntu.com/security/CVE-2019-10184", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10184", "https://issues.jboss.org/browse/UNDERTOW-1578", "https://github.com/undertow-io/undertow/pull/794", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184", "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "https://launchpad.net/bugs/cve/CVE-2019-10184", "https://security-tracker.debian.org/tracker/CVE-2019-10184"], "cvelist": ["CVE-2019-10184"], "immutableFields": [], "lastseen": "2023-01-27T13:53:50", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-10184"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-10184"]}, {"type": "github", "idList": ["GHSA-W69W-JVC7-WJGV"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2019-2935.NASL", "REDHAT-RHSA-2019-2936.NASL", "REDHAT-RHSA-2019-2937.NASL", "REDHAT-RHSA-2019-3044.NASL", "REDHAT-RHSA-2019-3045.NASL", "REDHAT-RHSA-2019-3046.NASL"]}, {"type": "osv", "idList": ["OSV:GHSA-W69W-JVC7-WJGV"]}, {"type": "redhat", "idList": ["RHSA-2019:2935", "RHSA-2019:2936", "RHSA-2019:2937", "RHSA-2019:2938", "RHSA-2019:2998", "RHSA-2019:3044", "RHSA-2019:3045", "RHSA-2019:3046", "RHSA-2019:3050", "RHSA-2020:0727", "RHSA-2020:0983"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-10184"]}]}, "score": {"value": 4.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2019-10184"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-10184"]}, {"type": "github", "idList": ["GHSA-W69W-JVC7-WJGV"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2019-2935.NASL", "REDHAT-RHSA-2019-2936.NASL", "REDHAT-RHSA-2019-2937.NASL", "REDHAT-RHSA-2019-3044.NASL", "REDHAT-RHSA-2019-3045.NASL", "REDHAT-RHSA-2019-3046.NASL"]}, {"type": "redhat", "idList": ["RHSA-2019:3045"]}]}, "exploitation": null, "vulnersScore": 4.0}, "_state": {"dependencies": 1674827713, "score": 1674827685}, "_internal": {"score_hash": "2430b2b0d87907b81f9efe2944930aa3"}, "affectedPackage": [{"OS": "ubuntu", "OSVersion": "19.10", "arch": "noarch", "packageVersion": "2.0.23-1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "undertow"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "2.0.23-1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "undertow"}, {"OS": "ubuntu", "OSVersion": "20.10", "arch": "noarch", "packageVersion": "2.0.23-1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "undertow"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "2.0.23-1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "undertow"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "2.0.23-1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "undertow"}, {"OS": "ubuntu", "OSVersion": "22.04", "arch": "noarch", "packageVersion": "2.0.23-1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "undertow"}, {"OS": "ubuntu", "OSVersion": "upstream", "arch": "noarch", "packageVersion": "2.0.23-1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "undertow"}, {"OS": "ubuntu", "OSVersion": "upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "undertow"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "undertow"}], "bugs": []}

{"github": [{"lastseen": "2023-01-09T05:07:17", "description": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-01T19:18:16", "type": "github", "title": "Missing Authorization in undertow", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184"], "modified": "2023-01-09T05:01:38", "id": "GHSA-W69W-JVC7-WJGV", "href": "https://github.com/advisories/GHSA-w69w-jvc7-wjgv", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-01-19T18:08:18", "description": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-25T21:15:00", "type": "debiancve", "title": "CVE-2019-10184", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184"], "modified": "2019-07-25T21:15:00", "id": "DEBIANCVE:CVE-2019-10184", "href": "https://security-tracker.debian.org/tracker/CVE-2019-10184", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhatcve": [{"lastseen": "2023-01-28T08:23:10", "description": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-21T00:56:53", "type": "redhatcve", "title": "CVE-2019-10184", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184"], "modified": "2023-01-28T06:17:07", "id": "RH:CVE-2019-10184", "href": "https://access.redhat.com/security/cve/cve-2019-10184", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "osv": [{"lastseen": "2023-01-31T02:32:10", "description": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-01T19:18:16", "type": "osv", "title": "Missing Authorization in undertow", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184"], "modified": "2023-01-31T02:32:04", "id": "OSV:GHSA-W69W-JVC7-WJGV", "href": "https://osv.dev/vulnerability/GHSA-w69w-jvc7-wjgv", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T19:05:52", "description": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-25T21:15:00", "type": "cve", "title": "CVE-2019-10184", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184"], "modified": "2022-02-20T06:11:00", "cpe": ["cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "cpe:/a:redhat:jboss_enterprise_application_platform:-", "cpe:/a:redhat:jboss_enterprise_application_platform:7.2", "cpe:/a:redhat:jboss_enterprise_application_platform:7.0.0", "cpe:/a:redhat:openshift_application_runtimes:-", "cpe:/a:redhat:single_sign-on:7.3", "cpe:/a:redhat:jboss_data_grid:-", "cpe:/a:redhat:jboss_enterprise_application_platform:7.3", "cpe:/a:netapp:active_iq_unified_manager:-", "cpe:/a:redhat:single_sign-on:7.0", "cpe:/a:redhat:single_sign-on:-", "cpe:/a:redhat:openshift_application_runtimes:1.0"], "id": "CVE-2019-10184", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10184", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "cpe:2.3:a:redhat:openshift_application_runtimes:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_data_grid:-:*:*:*:text-only:*:*:*", "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*"]}], "redhat": [{"lastseen": "2021-10-19T20:40:40", "description": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-14T18:15:07", "type": "redhat", "title": "(RHSA-2019:3046) Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 8", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-12086", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14820", "CVE-2019-14832"], "modified": "2019-10-14T18:23:48", "id": "RHSA-2019:3046", "href": "https://access.redhat.com/errata/RHSA-2019:3046", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:37:06", "description": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-14T18:15:05", "type": "redhat", "title": "(RHSA-2019:3045) Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-12086", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14820", "CVE-2019-14832"], "modified": "2019-10-14T18:23:49", "id": "RHSA-2019:3045", "href": "https://access.redhat.com/errata/RHSA-2019:3045", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:40:04", "description": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-14T18:15:02", "type": "redhat", "title": "(RHSA-2019:3044) Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 6", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-12086", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14820", "CVE-2019-14832"], "modified": "2019-10-14T18:23:20", "id": "RHSA-2019:3044", "href": "https://access.redhat.com/errata/RHSA-2019:3044", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:38:41", "description": "Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of RHOAR Thorntail 2.5.0 serves as a replacement for RHOAR Thorntail 2.4.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* keycloak: session hijack using the user access token (CVE-2019-3868)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-10T09:52:54", "type": "redhat", "title": "(RHSA-2019:2998) Important: Red Hat OpenShift Application Runtimes Thorntail 2.5.0 security & bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-14379", "CVE-2019-3868", "CVE-2019-3888"], "modified": "2019-10-10T09:53:23", "id": "RHSA-2019:2998", "href": "https://access.redhat.com/errata/RHSA-2019:2998", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:37:22", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-30T22:36:07", "type": "redhat", "title": "(RHSA-2019:2936) Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-10202", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379"], "modified": "2019-09-30T22:49:24", "id": "RHSA-2019:2936", "href": "https://access.redhat.com/errata/RHSA-2019:2936", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:37:43", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-30T22:35:42", "type": "redhat", "title": "(RHSA-2019:2935) Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 6 Security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-10202", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379"], "modified": "2019-09-30T22:47:05", "id": "RHSA-2019:2935", "href": "https://access.redhat.com/errata/RHSA-2019:2935", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:36:44", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-30T22:36:13", "type": "redhat", "title": "(RHSA-2019:2937) Important: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-10202", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379"], "modified": "2019-09-30T22:46:21", "id": "RHSA-2019:2937", "href": "https://access.redhat.com/errata/RHSA-2019:2937", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:23", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-30T22:54:04", "type": "redhat", "title": "(RHSA-2019:2938) Important: Red Hat JBoss Enterprise Application Platform 7.2.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-10202", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-19343"], "modified": "2020-05-28T06:51:08", "id": "RHSA-2019:2938", "href": "https://access.redhat.com/errata/RHSA-2019:2938", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:37:13", "description": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-14T18:57:18", "type": "redhat", "title": "(RHSA-2019:3050) Important: Red Hat Single Sign-On 7.3.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10169", "CVE-2019-10170", "CVE-2019-10184", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14820", "CVE-2019-14832"], "modified": "2020-04-30T19:20:19", "id": "RHSA-2019:3050", "href": "https://access.redhat.com/errata/RHSA-2019:3050", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-22T16:17:27", "description": "Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.\n\nThis release of Red Hat Data Grid 7.3.3 serves as a replacement for Red Hat Data Grid 7.3.2 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285) (CVE-2019-10173)\n\n* infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods (CVE-2019-10174)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* h2: Information Exposure due to insecure handling of permissions in the backup (CVE-2018-14335)\n\n* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-05T12:46:52", "type": "redhat", "title": "(RHSA-2020:0727) Important: Red Hat Data Grid 7.3.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7285", "CVE-2018-14335", "CVE-2019-10173", "CVE-2019-10174", "CVE-2019-10184", "CVE-2019-10212", "CVE-2019-14379", "CVE-2019-3805", "CVE-2019-3888", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2020-03-05T12:47:11", "id": "RHSA-2020:0727", "href": "https://access.redhat.com/errata/RHSA-2020:0727", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-19T20:38:20", "description": "This release of Red Hat Fuse 7.6.0 serves as a replacement for Red Hat Fuse 7.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* golang: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* undertow: HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)\n\n* undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* golang: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* undertow: HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* undertow: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\n* undertow: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods (CVE-2019-10174)\n\n* spring-security-core: mishandling of user passwords allows logging in with a password of NULL (CVE-2019-11272)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response (CVE-2019-17570)\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* logback: Serialization vulnerability in SocketServer and ServerSocketReceiver (CVE-2017-5929)\n\n* js-jquery: XSS in responses from cross-origin ajax requests (CVE-2017-16012)\n\n* apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip (CVE-2018-11771)\n\n* spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher (CVE-2019-3802)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* shiro: Cookie padding oracle vulnerability with default configuration (CVE-2019-12422)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. (CVE-2019-12814)\n\n* jackson-databind: Polymorphic typing issue related to logback/JNDI (CVE-2019-14439)\n\n* springframework: DoS Attack via Range Requests (CVE-2018-15756)\n\n* c3p0: loading XML configuration leads to denial of service (CVE-2019-5427)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-26T15:40:22", "type": "redhat", "title": "(RHSA-2020:0983) Important: Red Hat Fuse 7.6.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2017-16012", "CVE-2017-5929", "CVE-2018-11771", "CVE-2018-12536", "CVE-2018-15756", "CVE-2019-10174", "CVE-2019-10184", "CVE-2019-10241", "CVE-2019-10247", "CVE-2019-11272", "CVE-2019-12384", "CVE-2019-12422", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-17570", "CVE-2019-3802", "CVE-2019-3888", "CVE-2019-5427", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9516", "CVE-2019-9517", "CVE-2019-9518"], "modified": "2021-01-13T11:11:03", "id": "RHSA-2020:0983", "href": "https://access.redhat.com/errata/RHSA-2020:0983", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2023-01-22T15:23:50", "description": "New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "RHEL 6 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3044)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-12086", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14820", "CVE-2019-14832"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2019-3044.NASL", "href": "https://www.tenable.com/plugins/nessus/129863", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3044. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129863);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2019-10184\", \"CVE-2019-12086\", \"CVE-2019-12814\", \"CVE-2019-14379\", \"CVE-2019-14820\", \"CVE-2019-14832\");\n script_xref(name:\"RHSA\", value:\"2019:3044\");\n\n script_name(english:\"RHEL 6 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3044)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New Red Hat Single Sign-On 7.3.4 packages are now available for Red\nHat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the\nKeycloak project, that provides authentication and standards-based\nsingle sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 6 serves as a\nreplacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes\nand enhancements, which are documented in the Release Notes document\nlinked to in the References.\n\nSecurity Fix(es) :\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs\n(CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server via crafted JSON message\n(CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without\ntrailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93d4a9a3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14379\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14832\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rh-sso7-keycloak and / or rh-sso7-keycloak-server\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3044\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"rh-sso7-keycloak-4.8.13-1.Final_redhat_00001.1.el6sso\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rh-sso7-keycloak-server-4.8.13-1.Final_redhat_00001.1.el6sso\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-sso7-keycloak / rh-sso7-keycloak-server\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-22T15:24:49", "description": "New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "RHEL 7 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3045)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-12086", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14820", "CVE-2019-14832"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java-devel", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3045.NASL", "href": "https://www.tenable.com/plugins/nessus/129864", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3045. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129864);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2019-10184\", \"CVE-2019-12086\", \"CVE-2019-12814\", \"CVE-2019-14379\", \"CVE-2019-14820\", \"CVE-2019-14832\");\n script_xref(name:\"RHSA\", value:\"2019:3045\");\n\n script_name(english:\"RHEL 7 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3045)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New Red Hat Single Sign-On 7.3.4 packages are now available for Red\nHat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the\nKeycloak project, that provides authentication and standards-based\nsingle sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 7 serves as a\nreplacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes\nand enhancements, which are documented in the Release Notes document\nlinked to in the References.\n\nSecurity Fix(es) :\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs\n(CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server via crafted JSON message\n(CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without\ntrailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93d4a9a3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14379\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14832\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-libunix-dbus-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3045\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"rh-sso7-keycloak-4.8.13-1.Final_redhat_00001.1.el7sso\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"rh-sso7-keycloak-server-4.8.13-1.Final_redhat_00001.1.el7sso\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-sso7-libunix-dbus-java-0.8.0-2.el7sso\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-sso7-libunix-dbus-java-debuginfo-0.8.0-2.el7sso\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"rh-sso7-libunix-dbus-java-devel-0.8.0-2.el7sso\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-sso7-keycloak / rh-sso7-keycloak-server / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-22T15:23:25", "description": "New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3046)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-12086", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14820", "CVE-2019-14832"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak", "p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-3046.NASL", "href": "https://www.tenable.com/plugins/nessus/129865", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3046. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129865);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2019-10184\", \"CVE-2019-12086\", \"CVE-2019-12814\", \"CVE-2019-14379\", \"CVE-2019-14820\", \"CVE-2019-14832\");\n script_xref(name:\"RHSA\", value:\"2019:3046\");\n\n script_name(english:\"RHEL 8 : Red Hat Single Sign-On 7.3.4 (RHSA-2019:3046)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New Red Hat Single Sign-On 7.3.4 packages are now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the\nKeycloak project, that provides authentication and standards-based\nsingle sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 8 serves as a\nreplacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes\nand enhancements, which are documented in the Release Notes document\nlinked to in the References.\n\nSecurity Fix(es) :\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs\n(CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server via crafted JSON message\n(CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without\ntrailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93d4a9a3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14379\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14832\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rh-sso7-keycloak and / or rh-sso7-keycloak-server\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3046\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", reference:\"rh-sso7-keycloak-4.8.13-1.Final_redhat_00001.1.el8sso\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"rh-sso7-keycloak-server-4.8.13-1.Final_redhat_00001.1.el8sso\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rh-sso7-keycloak / rh-sso7-keycloak-server\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-22T15:24:19", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es) :\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "RHEL 8 : JBoss EAP (RHSA-2019:2937)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-10202", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-core-asl", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-mapper-asl", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-xc", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jaxrs-api_2.1_spec", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logging", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-msc", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jgroups", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbosstxbridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbossxts", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-web", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-2937.NASL", "href": "https://www.tenable.com/plugins/nessus/129518", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2937. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129518);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2019-10184\", \"CVE-2019-10202\", \"CVE-2019-10212\", \"CVE-2019-12086\", \"CVE-2019-12384\", \"CVE-2019-12814\", \"CVE-2019-14379\");\n script_xref(name:\"RHSA\", value:\"2019:2937\");\n\n script_name(english:\"RHEL 8 : JBoss EAP (RHSA-2019:2937)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.4\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.2.3, and includes bug fixes and enhancements. See the Red\nHat JBoss Enterprise Application Platform 7.2.4 Release Notes for\ninformation about the most significant bug fixes and enhancements\nincluded in this release.\n\nSecurity Fix(es) :\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from\npolymorphic deserialization leading to remote code execution\n(CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server via crafted JSON message\n(CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled\nleaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in\njackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without\ntrailing slashes (CVE-2019-10184)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14379\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-core-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-mapper-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-xc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jaxrs-api_2.1_spec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-msc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbosstxbridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbossxts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2937\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL8\", rpm:\"eap7-jboss\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-cli-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-commons-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-core-client-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-dto-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-hornetq-protocol-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-hqclient-protocol-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-jdbc-store-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-jms-client-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-jms-server-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-journal-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-ra-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-selector-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-server-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-service-extensions-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-activemq-artemis-tools-2.9.0-1.redhat_00005.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-codehaus-jackson-1.9.13-9.redhat_00006.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-codehaus-jackson-core-asl-1.9.13-9.redhat_00006.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-codehaus-jackson-jaxrs-1.9.13-9.redhat_00006.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-codehaus-jackson-mapper-asl-1.9.13-9.redhat_00006.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-codehaus-jackson-xc-1.9.13-9.redhat_00006.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-glassfish-jsf-2.3.5-4.SP3_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hal-console-3.0.16-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-5.3.11-2.SP1_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-core-5.3.11-2.SP1_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-entitymanager-5.3.11-2.SP1_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-envers-5.3.11-2.SP1_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-hibernate-java8-5.3.11-2.SP1_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-cachestore-jdbc-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-cachestore-remote-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-client-hotrod-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-commons-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-core-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-hibernate-cache-commons-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-hibernate-cache-spi-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-infinispan-hibernate-cache-v53-9.3.7-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-common-api-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-common-impl-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-common-spi-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-core-api-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-core-impl-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-deployers-common-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-jdbc-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-ironjacamar-validator-1.4.17-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-annotations-2.9.9-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-core-2.9.9-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-databind-2.9.9.3-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-datatype-jdk8-2.9.9-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-datatype-jsr310-2.9.9-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-jaxrs-base-2.9.9-2.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-jaxrs-json-provider-2.9.9-2.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-module-jaxb-annotations-2.9.9-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-modules-base-2.9.9-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jackson-modules-java8-2.9.9-1.redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-ejb-client-4.0.23-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-jaxrs-api_2.1_spec-1.0.3-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-logging-3.3.3-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-logmanager-2.1.14-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-marshalling-2.0.9-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-marshalling-river-2.0.9-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-msc-1.4.8-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-remoting-5.0.14-1.SP1_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-cli-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-core-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap6.4-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.0-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.1-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly10.0-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly10.1-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly11.0-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly12.0-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly13.0-server-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly14.0-server-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly8.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly9.0-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jboss-xnio-base-3.7.3-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-jgroups-4.0.20-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-compensations-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-jbosstxbridge-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-jbossxts-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-jts-idlj-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-jts-integration-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-restat-api-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-restat-bridge-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-restat-integration-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-restat-util-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-narayana-txframework-5.9.6-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-netty-4.1.34-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-netty-all-4.1.34-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketbox-5.0.3-5.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketbox-infinispan-5.0.3-5.Final_redhat_00004.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-api-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-bindings-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-common-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-config-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-federation-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-idm-api-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-idm-impl-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-idm-simple-schema-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-impl-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-picketlink-wildfly8-2.5.5-20.SP12_redhat_00007.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-undertow-2.0.25-1.SP1_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-weld-core-3.0.6-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-weld-core-impl-3.0.6-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-weld-core-jsf-3.0.6-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-weld-ejb-3.0.6-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-weld-jta-3.0.6-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-weld-probe-core-3.0.6-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-weld-web-3.0.6-2.Final_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-7.2.4-1.GA_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-elytron-1.6.4-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-elytron-tool-1.4.3-1.Final_redhat_00001.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-javadocs-7.2.4-1.GA_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-modules-7.2.4-1.GA_redhat_00002.1.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"eap7-wildfly-transaction-client-1.1.6-2.Final_redhat_00001.1.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-22T15:24:20", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es) :\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "RHEL 7 : JBoss EAP (RHSA-2019:2936)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-10202", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-core-asl", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-mapper-asl", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-xc", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jaxrs-api_2.1_spec", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logging", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-msc", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jgroups", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbosstxbridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbossxts", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-web", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2936.NASL", "href": "https://www.tenable.com/plugins/nessus/129517", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2936. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129517);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2019-10184\", \"CVE-2019-10202\", \"CVE-2019-10212\", \"CVE-2019-12086\", \"CVE-2019-12384\", \"CVE-2019-12814\", \"CVE-2019-14379\");\n script_xref(name:\"RHSA\", value:\"2019:2936\");\n\n script_name(english:\"RHEL 7 : JBoss EAP (RHSA-2019:2936)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.4\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.2.3, and includes bug fixes and enhancements. See the Red\nHat JBoss Enterprise Application Platform 7.2.4 Release Notes for\ninformation about the most significant bug fixes and enhancements\nincluded in this release.\n\nSecurity Fix(es) :\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from\npolymorphic deserialization leading to remote code execution\n(CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server via crafted JSON message\n(CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled\nleaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in\njackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without\ntrailing slashes (CVE-2019-10184)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14379\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-core-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-mapper-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-xc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jaxrs-api_2.1_spec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-msc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbosstxbridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbossxts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2936\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"eap7-jboss\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-cli-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-commons-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-core-client-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-dto-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-hornetq-protocol-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-hqclient-protocol-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-jdbc-store-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-jms-client-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-jms-server-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-journal-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-ra-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-selector-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-server-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-service-extensions-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-activemq-artemis-tools-2.9.0-1.redhat_00005.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-codehaus-jackson-1.9.13-9.redhat_00006.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-codehaus-jackson-core-asl-1.9.13-9.redhat_00006.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-codehaus-jackson-jaxrs-1.9.13-9.redhat_00006.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-codehaus-jackson-mapper-asl-1.9.13-9.redhat_00006.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-codehaus-jackson-xc-1.9.13-9.redhat_00006.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-glassfish-jsf-2.3.5-4.SP3_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hal-console-3.0.16-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-5.3.11-2.SP1_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-core-5.3.11-2.SP1_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-entitymanager-5.3.11-2.SP1_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-envers-5.3.11-2.SP1_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-hibernate-java8-5.3.11-2.SP1_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-cachestore-jdbc-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-cachestore-remote-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-client-hotrod-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-commons-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-core-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-hibernate-cache-commons-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-hibernate-cache-spi-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-infinispan-hibernate-cache-v53-9.3.7-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-api-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-impl-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-common-spi-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-core-api-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-core-impl-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-deployers-common-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-jdbc-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-ironjacamar-validator-1.4.17-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-annotations-2.9.9-1.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-core-2.9.9-1.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-databind-2.9.9.3-1.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-datatype-jdk8-2.9.9-1.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-datatype-jsr310-2.9.9-1.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-jaxrs-base-2.9.9-2.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-jaxrs-json-provider-2.9.9-2.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-module-jaxb-annotations-2.9.9-1.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-modules-base-2.9.9-1.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jackson-modules-java8-2.9.9-1.redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-ejb-client-4.0.23-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-jaxrs-api_2.1_spec-1.0.3-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-logging-3.3.3-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-logmanager-2.1.14-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-marshalling-2.0.9-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-marshalling-river-2.0.9-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-msc-1.4.8-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-remoting-5.0.14-1.SP1_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-cli-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-core-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap6.4-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap7.0-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap7.1-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly10.0-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly10.1-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly11.0-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly12.0-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly13.0-server-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly14.0-server-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly8.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly9.0-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jboss-xnio-base-3.7.3-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-jgroups-4.0.20-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-compensations-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-jbosstxbridge-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-jbossxts-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-jts-idlj-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-jts-integration-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-restat-api-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-restat-bridge-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-restat-integration-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-restat-util-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-narayana-txframework-5.9.6-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-netty-4.1.34-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-netty-all-4.1.34-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketbox-5.0.3-5.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketbox-infinispan-5.0.3-5.Final_redhat_00004.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-api-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-bindings-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-common-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-config-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-federation-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-api-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-impl-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-idm-simple-schema-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-impl-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-picketlink-wildfly8-2.5.5-20.SP12_redhat_00007.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-undertow-2.0.25-1.SP1_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-weld-core-3.0.6-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-weld-core-impl-3.0.6-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-weld-core-jsf-3.0.6-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-weld-ejb-3.0.6-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-weld-jta-3.0.6-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-weld-probe-core-3.0.6-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-weld-web-3.0.6-2.Final_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-7.2.4-1.GA_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-elytron-1.6.4-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-elytron-tool-1.4.3-1.Final_redhat_00001.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-java-jdk11-7.2.4-1.GA_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-java-jdk8-7.2.4-1.GA_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-javadocs-7.2.4-1.GA_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-modules-7.2.4-1.GA_redhat_00002.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"eap7-wildfly-transaction-client-1.1.6-2.Final_redhat_00001.1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-22T15:22:58", "description": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es) :\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "RHEL 6 : JBoss EAP (RHSA-2019:2935)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10184", "CVE-2019-10202", "CVE-2019-10212", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions", "p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-core-asl", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-jaxrs", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-mapper-asl", "p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-xc", "p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-hal-console", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers", "p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jaxrs-api_2.1_spec", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logging", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-msc", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2", "p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base", "p-cpe:/a:redhat:enterprise_linux:eap7-jgroups", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbosstxbridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbossxts", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util", "p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework", "p-cpe:/a:redhat:enterprise_linux:eap7-netty", "p-cpe:/a:redhat:enterprise_linux:eap7-netty-all", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox", "p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8", "p-cpe:/a:redhat:enterprise_linux:eap7-undertow", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core", "p-cpe:/a:redhat:enterprise_linux:eap7-weld-web", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules", "p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2019-2935.NASL", "href": "https://www.tenable.com/plugins/nessus/129516", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2935. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129516);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2019-10184\", \"CVE-2019-10202\", \"CVE-2019-10212\", \"CVE-2019-12086\", \"CVE-2019-12384\", \"CVE-2019-12814\", \"CVE-2019-14379\");\n script_xref(name:\"RHSA\", value:\"2019:2935\");\n\n script_name(english:\"RHEL 6 : JBoss EAP (RHSA-2019:2935)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.4\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 7.2.3, and includes bug fixes and enhancements. See the Red\nHat JBoss Enterprise Application Platform 7.2.4 Release Notes for\ninformation about the most significant bug fixes and enhancements\nincluded in this release.\n\nSecurity Fix(es) :\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from\npolymorphic deserialization leading to remote code execution\n(CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server via crafted JSON message\n(CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled\nleaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in\njackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without\ntrailing slashes (CVE-2019-10184)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14379\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-core-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-mapper-asl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-xc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jaxrs-api_2.1_spec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-msc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbosstxbridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbossxts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-undertow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2935\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"eap7-jboss\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-cli-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-commons-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-core-client-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-dto-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-hornetq-protocol-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-hqclient-protocol-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jdbc-store-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jms-client-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-jms-server-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-journal-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-ra-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-selector-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-server-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-service-extensions-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-activemq-artemis-tools-2.9.0-1.redhat_00005.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-codehaus-jackson-1.9.13-9.redhat_00006.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-codehaus-jackson-core-asl-1.9.13-9.redhat_00006.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-codehaus-jackson-jaxrs-1.9.13-9.redhat_00006.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-codehaus-jackson-mapper-asl-1.9.13-9.redhat_00006.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-codehaus-jackson-xc-1.9.13-9.redhat_00006.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-glassfish-jsf-2.3.5-4.SP3_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hal-console-3.0.16-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-5.3.11-2.SP1_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-core-5.3.11-2.SP1_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-entitymanager-5.3.11-2.SP1_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-envers-5.3.11-2.SP1_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-hibernate-java8-5.3.11-2.SP1_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-cachestore-jdbc-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-cachestore-remote-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-client-hotrod-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-commons-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-core-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-hibernate-cache-commons-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-hibernate-cache-spi-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-infinispan-hibernate-cache-v53-9.3.7-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-api-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-impl-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-common-spi-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-core-api-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-core-impl-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-deployers-common-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-jdbc-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-ironjacamar-validator-1.4.17-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-annotations-2.9.9-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-core-2.9.9-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-databind-2.9.9.3-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-datatype-jdk8-2.9.9-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-datatype-jsr310-2.9.9-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-jaxrs-base-2.9.9-2.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-jaxrs-json-provider-2.9.9-2.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-module-jaxb-annotations-2.9.9-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-modules-base-2.9.9-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jackson-modules-java8-2.9.9-1.redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-ejb-client-4.0.23-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-jaxrs-api_2.1_spec-1.0.3-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-logging-3.3.3-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-logmanager-2.1.14-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-marshalling-2.0.9-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-marshalling-river-2.0.9-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-msc-1.4.8-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-remoting-5.0.14-1.SP1_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-cli-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-core-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap6.4-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.0-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.1-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.0-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.1-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly11.0-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly12.0-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly13.0-server-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly14.0-server-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly8.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly9.0-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-4.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jboss-xnio-base-3.7.3-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-jgroups-4.0.20-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-compensations-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-jbosstxbridge-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-jbossxts-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-jts-idlj-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-jts-integration-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-restat-api-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-restat-bridge-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-restat-integration-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-restat-util-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-narayana-txframework-5.9.6-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-netty-4.1.34-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-netty-all-4.1.34-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketbox-5.0.3-5.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketbox-infinispan-5.0.3-5.Final_redhat_00004.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-api-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-bindings-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-common-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-config-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-federation-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-api-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-impl-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-idm-simple-schema-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-impl-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-picketlink-wildfly8-2.5.5-20.SP12_redhat_00007.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-undertow-2.0.25-1.SP1_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-weld-core-3.0.6-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-weld-core-impl-3.0.6-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-weld-core-jsf-3.0.6-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-weld-ejb-3.0.6-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-weld-jta-3.0.6-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-weld-probe-core-3.0.6-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-weld-web-3.0.6-2.Final_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-7.2.4-1.GA_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-elytron-1.6.4-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-elytron-tool-1.4.3-1.Final_redhat_00001.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-javadocs-7.2.4-1.GA_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-modules-7.2.4-1.GA_redhat_00002.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"eap7-wildfly-transaction-client-1.1.6-2.Final_redhat_00001.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eap7-activemq-artemis / eap7-activemq-artemis-cli / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}