National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0
There are 43 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-3805

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.

Published: May 03, 2019; 04:29:01 PM -04:00
V3.0: 4.7 MEDIUM
    V2: 4.7 MEDIUM
CVE-2016-7066

It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.

Published: September 11, 2018; 10:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 4.6 MEDIUM
CVE-2016-7061

An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.

Published: September 10, 2018; 12:29:00 PM -04:00
V3.0: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2018-1336

An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.

Published: August 02, 2018; 10:29:00 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2016-8657

It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group (root:jboss, 664). On systems using classic /etc/init.d init scripts (i.e. on Red Hat Enterprise Linux 6 and earlier), the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted.

Published: July 31, 2018; 03:29:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2017-2670

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

Published: July 27, 2018; 11:29:00 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2017-2595

It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.

Published: July 27, 2018; 11:29:00 AM -04:00
V3.0: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2017-2582

It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.

Published: July 26, 2018; 01:29:00 PM -04:00
V3.0: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2017-12167

It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system.

Published: July 26, 2018; 01:29:00 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2016-8656

Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.

Published: May 22, 2018; 01:29:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 4.6 MEDIUM
CVE-2018-10237

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

Published: April 26, 2018; 05:29:00 PM -04:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data.

Published: March 20, 2018; 12:29:00 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2017-12174

It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.

Published: March 07, 2018; 05:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2018-1041

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.

Published: February 15, 2018; 12:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

Published: February 06, 2018; 10:29:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

Published: February 06, 2018; 10:29:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2017-17485

FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.

Published: January 10, 2018; 01:29:01 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2016-8610

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.

Published: November 13, 2017; 05:29:00 PM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-7501

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Published: November 09, 2017; 12:29:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2015-1849

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.

Published: September 19, 2017; 01:29:00 PM -04:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM