Summary
| Detail | |||
|---|---|---|---|
| Vendor | Redhat | First view | 2013-08-16 |
| Product | Jboss Enterprise Application Platform | Last view | 2021-03-23 |
| Version | 6.1.0 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:redhat:jboss_enterprise_application_platform | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2021-03-23 | CVE-2019-19343 | A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable. |
| 4.3 | 2020-01-23 | CVE-2019-14885 | A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information. |
| 6.1 | 2019-12-11 | CVE-2013-6495 | JBossWeb Bayeux has reflected XSS |
| 7.8 | 2018-09-11 | CVE-2016-7066 | It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. |
| 6.5 | 2018-09-10 | CVE-2016-7061 | An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. |
| 5.5 | 2018-07-26 | CVE-2017-12167 | It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. |
| 5.9 | 2017-09-19 | CVE-2015-1849 | AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled. |
| 8.8 | 2016-09-26 | CVE-2016-5406 | The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves. |
| 6.1 | 2016-09-26 | CVE-2016-4993 | CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. |
| 3.5 | 2015-12-16 | CVE-2015-5304 | Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which allows remote authenticated users with the Monitor, Deployer, or Auditor role to cause a denial of service via unspecified vectors. |
| 5 | 2015-10-27 | CVE-2015-5220 | The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly JBoss Application Server) allows remote attackers to cause a denial of service (memory consumption) via a large request header. |
| 6.8 | 2015-10-27 | CVE-2015-5188 | Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests that make arbitrary changes to an instance via vectors involving a file upload using a multipart/form-data submission. |
| 4.3 | 2015-10-27 | CVE-2015-5178 | The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element. |
| 2.1 | 2015-04-21 | CVE-2014-3586 | The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (formerly JBoss Application Server) uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors. |
| 4 | 2015-02-13 | CVE-2014-7853 | The JBoss Application Server (WildFly) JacORB subsystem in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 does not properly assign socket-binding-ref sensitivity classification to the security-domain attribute, which allows remote authenticated users to obtain sensitive information by leveraging access to the security-domain attribute. |
| 3.5 | 2015-02-13 | CVE-2014-7827 | The org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain. |
| 2.1 | 2014-11-17 | CVE-2014-0059 | JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive information by reading this file. |
| 5 | 2014-07-07 | CVE-2014-3481 | org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue. |
| 1.9 | 2014-02-26 | CVE-2014-0058 | The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files. |
| 7.5 | 2014-01-19 | CVE-2013-2185 | The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue |
| 5.5 | 2013-12-06 | CVE-2013-2133 | The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) before 6.2.0, does not properly enforce the method level restrictions for JAX-WS Service endpoints, which allows remote authenticated users to access otherwise restricted JAX-WS handlers by leveraging permissions to the EJB class. |
| 5.4 | 2013-09-28 | CVE-2013-4112 | The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials. |
| 1.9 | 2013-09-28 | CVE-2013-1921 | PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file. |
| 6.4 | 2013-08-16 | CVE-2013-4213 | Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client. |
| 6.4 | 2013-08-16 | CVE-2013-4128 | Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 26% (7) | CWE-200 | Information Exposure |
| 19% (5) | CWE-264 | Permissions, Privileges, and Access Controls |
| 7% (2) | CWE-310 | Cryptographic Issues |
| 3% (1) | CWE-532 | Information Leak Through Log Files |
| 3% (1) | CWE-404 | Improper Resource Shutdown or Release |
| 3% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 3% (1) | CWE-284 | Access Control (Authorization) Issues |
| 3% (1) | CWE-275 | Permission Issues |
| 3% (1) | CWE-254 | Security Features |
| 3% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 3% (1) | CWE-113 | Failure to Sanitize CRLF Sequences in HTTP Headers ('HTTP Response ... |
| 3% (1) | CWE-93 | Failure to Sanitize CRLF Sequences ('CRLF Injection') |
| 3% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 3% (1) | CWE-20 | Improper Input Validation |
| 3% (1) | CWE-16 | Configuration |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2013-A-0177 | Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity: Category I - VMSKEY: V0040288 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | JBoss JMXInvokerServlet access attempt RuleID : 24343 - Type : SERVER-WEBAPP - Revision : 4 |
| 2014-01-10 | JBoss web console access attempt RuleID : 24342 - Type : SERVER-WEBAPP - Revision : 4 |
| 2014-01-10 | JBoss admin-console access RuleID : 21517 - Type : SERVER-WEBAPP - Revision : 6 |
| 2014-01-10 | JBoss JMX console access attempt RuleID : 21516 - Type : SERVER-WEBAPP - Revision : 9 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-03-21 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa_10838.nasl - Type: ACT_GATHER_INFO |
| 2017-12-15 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-3455.nasl - Type: ACT_GATHER_INFO |
| 2017-12-15 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-3454.nasl - Type: ACT_GATHER_INFO |
| 2017-12-14 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-3458.nasl - Type: ACT_GATHER_INFO |
| 2017-02-06 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0246.nasl - Type: ACT_GATHER_INFO |
| 2017-02-06 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0244.nasl - Type: ACT_GATHER_INFO |
| 2017-02-03 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0170.nasl - Type: ACT_GATHER_INFO |
| 2017-02-03 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0171.nasl - Type: ACT_GATHER_INFO |
| 2017-02-03 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0250.nasl - Type: ACT_GATHER_INFO |
| 2016-01-11 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-2540.nasl - Type: ACT_GATHER_INFO |
| 2015-12-04 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-2542.nasl - Type: ACT_GATHER_INFO |
| 2015-12-04 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-2539.nasl - Type: ACT_GATHER_INFO |
| 2015-12-04 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-2538.nasl - Type: ACT_GATHER_INFO |
| 2015-10-16 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-1907.nasl - Type: ACT_GATHER_INFO |
| 2015-10-16 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-1905.nasl - Type: ACT_GATHER_INFO |
| 2015-10-16 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-1904.nasl - Type: ACT_GATHER_INFO |
| 2015-09-01 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-0218.nasl - Type: ACT_GATHER_INFO |
| 2015-04-20 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-0847.nasl - Type: ACT_GATHER_INFO |
| 2015-04-20 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-0846.nasl - Type: ACT_GATHER_INFO |
| 2015-02-13 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-0217.nasl - Type: ACT_GATHER_INFO |
| 2015-02-13 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2015-0216.nasl - Type: ACT_GATHER_INFO |
| 2014-06-28 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-0799.nasl - Type: ACT_GATHER_INFO |
| 2014-06-28 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-0798.nasl - Type: ACT_GATHER_INFO |
| 2014-05-28 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-0564.nasl - Type: ACT_GATHER_INFO |
| 2014-05-28 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2014-0563.nasl - Type: ACT_GATHER_INFO |
