5 - RHSA-2019:1245

Executive Summary

Summary
Title	Red Hat Quay 3.0.2 security and bug fix update

Informations
Name	RHSA-2019:1245	First vendor Publication	2019-05-20
Vendor	RedHat	Last vendor Modification	2019-05-20
Severity (Vendor)	N/A	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An update is now available for Red Hat Quay 3.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Red Hat Quay is a secure, private container registry that builds, analyzes and distributes container images. It provides a high level of automation and customization.

2. Description:

Security Fix(es):

* A flaw was found in the way the DES/3DES cipher was used as part of the
TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)

Bug Fix(es):

* Running Quay in config mode now works in a disconnected option which doesn't require pulling resources from the Internet.

* Quay's security scan endpoint is now enabled at startup for viewing results of Clair container image scans.

3. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1709477 - Quay 3.0.2 errata

5. References:

https://access.redhat.com/security/cve/CVE-2016-2183 https://access.redhat.com/security/updates/classification/#moderate

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2019-1245.html

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-200	Information Exposure

CPE : Common Platform Enumeration

Type	Description	Count
Application	Cisco Content Security Management Appliance cpe:2.3:a:cisco:content_security_management_appliance:9.7.0-006:::::::* cpe:2.3:a:cisco:content_security_management_appliance:9.6.6-068:::::::*	2
Application	Nodejs Node.Js cpe:2.3:a:nodejs:node.js:6.6.0::::-::: cpe:2.3:a:nodejs:node.js:6.5.0::::-::: cpe:2.3:a:nodejs:node.js:6.4.0::::-::: cpe:2.3:a:nodejs:node.js:6.3.1::::-::: cpe:2.3:a:nodejs:node.js:6.3.0::::-::: cpe:2.3:a:nodejs:node.js:6.2.2::::-::: cpe:2.3:a:nodejs:node.js:6.2.1::::-::: cpe:2.3:a:nodejs:node.js:6.2.0::::-::: cpe:2.3:a:nodejs:node.js:6.1.0::::-::: cpe:2.3:a:nodejs:node.js:6.0.0::::-::: cpe:2.3:a:nodejs:node.js:5.9.1::::-::: cpe:2.3:a:nodejs:node.js:5.9.0::::-::: cpe:2.3:a:nodejs:node.js:5.8.1:rc.1:::::: cpe:2.3:a:nodejs:node.js:5.8.0::::-::: cpe:2.3:a:nodejs:node.js:5.7.1::::-::: cpe:2.3:a:nodejs:node.js:5.7.0::::-::: cpe:2.3:a:nodejs:node.js:5.6.0::::-::: cpe:2.3:a:nodejs:node.js:5.5.0::::-::: cpe:2.3:a:nodejs:node.js:5.4.1::::-::: cpe:2.3:a:nodejs:node.js:5.4.0::::-::: cpe:2.3:a:nodejs:node.js:5.3.0::::-::: cpe:2.3:a:nodejs:node.js:5.2.0::::-::: cpe:2.3:a:nodejs:node.js:5.12.0::::-::: cpe:2.3:a:nodejs:node.js:5.11.1::::-::: cpe:2.3:a:nodejs:node.js:5.11.0::::-::: cpe:2.3:a:nodejs:node.js:5.10.1::::-::: cpe:2.3:a:nodejs:node.js:5.10.0::::-::: cpe:2.3:a:nodejs:node.js:5.1.1::::-::: cpe:2.3:a:nodejs:node.js:5.1.0::::-::: cpe:2.3:a:nodejs:node.js:5.0.0::::-::: cpe:2.3:a:nodejs:node.js:4.8.4::::lts::: cpe:2.3:a:nodejs:node.js:4.8.3::::lts::: cpe:2.3:a:nodejs:node.js:4.8.2::::lts::: cpe:2.3:a:nodejs:node.js:4.8.1::::lts::: cpe:2.3:a:nodejs:node.js:4.8.0::::lts::: cpe:2.3:a:nodejs:node.js:4.7.3::::lts::: cpe:2.3:a:nodejs:node.js:4.7.2::::lts::: cpe:2.3:a:nodejs:node.js:4.7.1::::lts::: cpe:2.3:a:nodejs:node.js:4.7.0::::lts::: cpe:2.3:a:nodejs:node.js:4.6.2::::lts::: cpe:2.3:a:nodejs:node.js:4.6.1::::lts::: cpe:2.3:a:nodejs:node.js:4.6.0::::lts::: cpe:2.3:a:nodejs:node.js:4.5.0::::lts::: cpe:2.3:a:nodejs:node.js:4.4.7::::lts::: cpe:2.3:a:nodejs:node.js:4.4.6::::lts::: cpe:2.3:a:nodejs:node.js:4.4.5::::lts::: cpe:2.3:a:nodejs:node.js:4.4.4::::lts::: cpe:2.3:a:nodejs:node.js:4.4.3::::lts::: cpe:2.3:a:nodejs:node.js:4.4.2::::lts::: cpe:2.3:a:nodejs:node.js:4.4.1::::lts::: cpe:2.3:a:nodejs:node.js:4.4.0::::lts::: cpe:2.3:a:nodejs:node.js:4.4.0:rc.4:::::: cpe:2.3:a:nodejs:node.js:4.4.0:rc.3:::::: cpe:2.3:a:nodejs:node.js:4.4.0:rc.2:::::: cpe:2.3:a:nodejs:node.js:4.4.0:rc.1:::::: cpe:2.3:a:nodejs:node.js:4.3.2::::lts::: cpe:2.3:a:nodejs:node.js:4.3.1:rc.2:::::: cpe:2.3:a:nodejs:node.js:4.3.1::::lts::: cpe:2.3:a:nodejs:node.js:4.3.1:rc.1:::::: cpe:2.3:a:nodejs:node.js:4.3.0::::lts::: cpe:2.3:a:nodejs:node.js:4.2.6::::lts::: cpe:2.3:a:nodejs:node.js:4.2.5::::lts::: cpe:2.3:a:nodejs:node.js:4.2.4::::lts::: cpe:2.3:a:nodejs:node.js:4.2.3::::lts::: cpe:2.3:a:nodejs:node.js:4.2.2::::lts::: cpe:2.3:a:nodejs:node.js:4.2.1::::lts::: cpe:2.3:a:nodejs:node.js:4.2.0::::lts::: cpe:2.3:a:nodejs:node.js:4.1.2::::-::: cpe:2.3:a:nodejs:node.js:4.1.1::::-::: cpe:2.3:a:nodejs:node.js:4.1.0::::-::: cpe:2.3:a:nodejs:node.js:4.0.0::::-::: cpe:2.3:a:nodejs:node.js:1.0.4::::-::: cpe:2.3:a:nodejs:node.js:0.3.2::::-::: cpe:2.3:a:nodejs:node.js:0.12.9::::-::: cpe:2.3:a:nodejs:node.js:0.12.8::::-::: cpe:2.3:a:nodejs:node.js:0.12.7::::-::: cpe:2.3:a:nodejs:node.js:0.12.6::::-::: cpe:2.3:a:nodejs:node.js:0.12.5::::-::: cpe:2.3:a:nodejs:node.js:0.12.4::::-::: cpe:2.3:a:nodejs:node.js:0.12.3::::-::: cpe:2.3:a:nodejs:node.js:0.12.2::::-::: cpe:2.3:a:nodejs:node.js:0.12.15::::-::: cpe:2.3:a:nodejs:node.js:0.12.14::::-::: cpe:2.3:a:nodejs:node.js:0.12.13::::-::: cpe:2.3:a:nodejs:node.js:0.12.12::::-::: cpe:2.3:a:nodejs:node.js:0.12.11::::-::: cpe:2.3:a:nodejs:node.js:0.12.10::::-::: cpe:2.3:a:nodejs:node.js:0.12.1::::-::: cpe:2.3:a:nodejs:node.js:0.12.0::::-::: cpe:2.3:a:nodejs:node.js:0.11.9::::-::: cpe:2.3:a:nodejs:node.js:0.11.8::::-::: cpe:2.3:a:nodejs:node.js:0.11.7::::-::: cpe:2.3:a:nodejs:node.js:0.11.6::::-::: cpe:2.3:a:nodejs:node.js:0.11.16::::-::: cpe:2.3:a:nodejs:node.js:0.11.15::::-::: cpe:2.3:a:nodejs:node.js:0.11.14::::-::: cpe:2.3:a:nodejs:node.js:0.11.13::::-::: cpe:2.3:a:nodejs:node.js:0.11.12::::-::: cpe:2.3:a:nodejs:node.js:0.11.11::::-::: cpe:2.3:a:nodejs:node.js:0.11.10::::-::: cpe:2.3:a:nodejs:node.js:0.10.9::::-::: cpe:2.3:a:nodejs:node.js:0.10.8::::-::: cpe:2.3:a:nodejs:node.js:0.10.7::::-::: cpe:2.3:a:nodejs:node.js:0.10.6::::-::: cpe:2.3:a:nodejs:node.js:0.10.5::::-::: cpe:2.3:a:nodejs:node.js:0.10.46::::-::: cpe:2.3:a:nodejs:node.js:0.10.45::::-::: cpe:2.3:a:nodejs:node.js:0.10.44::::-::: cpe:2.3:a:nodejs:node.js:0.10.43::::-::: cpe:2.3:a:nodejs:node.js:0.10.42::::-::: cpe:2.3:a:nodejs:node.js:0.10.41::::-::: cpe:2.3:a:nodejs:node.js:0.10.40::::-::: cpe:2.3:a:nodejs:node.js:0.10.4::::-::: cpe:2.3:a:nodejs:node.js:0.10.39::::-::: cpe:2.3:a:nodejs:node.js:0.10.38::::-::: cpe:2.3:a:nodejs:node.js:0.10.37::::-::: cpe:2.3:a:nodejs:node.js:0.10.36::::-::: cpe:2.3:a:nodejs:node.js:0.10.35::::-::: cpe:2.3:a:nodejs:node.js:0.10.34::::-::: cpe:2.3:a:nodejs:node.js:0.10.33::::-::: cpe:2.3:a:nodejs:node.js:0.10.32::::-::: cpe:2.3:a:nodejs:node.js:0.10.31::::-::: cpe:2.3:a:nodejs:node.js:0.10.30::::-::: cpe:2.3:a:nodejs:node.js:0.10.3::::-::: cpe:2.3:a:nodejs:node.js:0.10.29::::-::: cpe:2.3:a:nodejs:node.js:0.10.28::::-::: cpe:2.3:a:nodejs:node.js:0.10.27::::-::: cpe:2.3:a:nodejs:node.js:0.10.26::::-::: cpe:2.3:a:nodejs:node.js:0.10.25::::-::: cpe:2.3:a:nodejs:node.js:0.10.24::::-::: cpe:2.3:a:nodejs:node.js:0.10.23::::-::: cpe:2.3:a:nodejs:node.js:0.10.22::::-::: cpe:2.3:a:nodejs:node.js:0.10.21::::-::: cpe:2.3:a:nodejs:node.js:0.10.20::::-::: cpe:2.3:a:nodejs:node.js:0.10.2::::-::: cpe:2.3:a:nodejs:node.js:0.10.19::::-::: cpe:2.3:a:nodejs:node.js:0.10.18::::-::: cpe:2.3:a:nodejs:node.js:0.10.17::::-::: cpe:2.3:a:nodejs:node.js:0.10.16-isaacs-manual::::-::: cpe:2.3:a:nodejs:node.js:0.10.16::::-::: cpe:2.3:a:nodejs:node.js:0.10.15::::-::: cpe:2.3:a:nodejs:node.js:0.10.14::::-::: cpe:2.3:a:nodejs:node.js:0.10.13::::-::: cpe:2.3:a:nodejs:node.js:0.10.12::::-::: cpe:2.3:a:nodejs:node.js:0.10.11::::-::: cpe:2.3:a:nodejs:node.js:0.10.10::::-::: cpe:2.3:a:nodejs:node.js:0.10.1::::-::: cpe:2.3:a:nodejs:node.js:0.10.0::::-::: cpe:2.3:a:nodejs:node.js:::::::: cpe:2.3:a:nodejs:node.js:::::-:::* cpe:2.3:a:nodejs:node.js:::::lts:::*	151
Application	Openssl cpe:2.3:a:openssl:openssl:1.0.2h:::::::* cpe:2.3:a:openssl:openssl:1.0.2f:::::::* cpe:2.3:a:openssl:openssl:1.0.2e:::::::* cpe:2.3:a:openssl:openssl:1.0.2d:::::::* cpe:2.3:a:openssl:openssl:1.0.2c:::::::* cpe:2.3:a:openssl:openssl:1.0.2b:::::::* cpe:2.3:a:openssl:openssl:1.0.2a:::::::* cpe:2.3:a:openssl:openssl:1.0.1t:::::::* cpe:2.3:a:openssl:openssl:1.0.1r:::::::* cpe:2.3:a:openssl:openssl:1.0.1q:::::::* cpe:2.3:a:openssl:openssl:1.0.1p:::::::* cpe:2.3:a:openssl:openssl:1.0.1o:::::::* cpe:2.3:a:openssl:openssl:1.0.1n:::::::* cpe:2.3:a:openssl:openssl:1.0.1m:::::::* cpe:2.3:a:openssl:openssl:1.0.1l:::::::* cpe:2.3:a:openssl:openssl:1.0.1k:::::::* cpe:2.3:a:openssl:openssl:1.0.1j:::::::* cpe:2.3:a:openssl:openssl:1.0.1i:::::::* cpe:2.3:a:openssl:openssl:1.0.1h:::::::* cpe:2.3:a:openssl:openssl:1.0.1g:::::::* cpe:2.3:a:openssl:openssl:1.0.1f:::::::* cpe:2.3:a:openssl:openssl:1.0.1e:::::::* cpe:2.3:a:openssl:openssl:1.0.1d:::::::* cpe:2.3:a:openssl:openssl:1.0.1c:::::::* cpe:2.3:a:openssl:openssl:1.0.1b:::::::* cpe:2.3:a:openssl:openssl:1.0.1a:::::::*	26
Application	Oracle Database cpe:2.3:a:oracle:database:12.1.0.2:::::::* cpe:2.3:a:oracle:database:11.2.0.4:::::::*	2
Application	Python cpe:2.3:a:python:python:3.5.2:-:::::: cpe:2.3:a:python:python:3.5.2:rc1:::::: cpe:2.3:a:python:python:3.5.1:-:::::: cpe:2.3:a:python:python:3.5.1:rc1:::::: cpe:2.3:a:python:python:3.5.0:-:::::: cpe:2.3:a:python:python:3.5.0:alpha1:::::: cpe:2.3:a:python:python:3.5.0:alpha2:::::: cpe:2.3:a:python:python:3.5.0:alpha3:::::: cpe:2.3:a:python:python:3.5.0:alpha4:::::: cpe:2.3:a:python:python:3.5.0:beta1:::::: cpe:2.3:a:python:python:3.5.0:beta2:::::: cpe:2.3:a:python:python:3.5.0:beta3:::::: cpe:2.3:a:python:python:3.5.0:beta4:::::: cpe:2.3:a:python:python:3.5.0:rc1:::::: cpe:2.3:a:python:python:3.5.0:rc2:::::: cpe:2.3:a:python:python:3.5.0:rc3:::::: cpe:2.3:a:python:python:3.5.0:rc4:::::: cpe:2.3:a:python:python:3.4.9:-:::::: cpe:2.3:a:python:python:3.4.9:rc1:::::: cpe:2.3:a:python:python:3.4.8:-:::::: cpe:2.3:a:python:python:3.4.8:rc1:::::: cpe:2.3:a:python:python:3.4.7:-:::::: cpe:2.3:a:python:python:3.4.7:rc1:::::: cpe:2.3:a:python:python:3.4.6:-:::::: cpe:2.3:a:python:python:3.4.6:rc1:::::: cpe:2.3:a:python:python:3.4.5:-:::::: cpe:2.3:a:python:python:3.4.5:rc1:::::: cpe:2.3:a:python:python:3.4.4:-:::::: cpe:2.3:a:python:python:3.4.4:rc1:::::: cpe:2.3:a:python:python:3.4.3:-:::::: cpe:2.3:a:python:python:3.4.3:rc1:::::: cpe:2.3:a:python:python:3.4.2:-:::::: cpe:2.3:a:python:python:3.4.2:rc1:::::: cpe:2.3:a:python:python:3.4.10:-:::::: cpe:2.3:a:python:python:3.4.10:rc1:::::: cpe:2.3:a:python:python:3.4.1:-:::::: cpe:2.3:a:python:python:3.4.1:rc1:::::: cpe:2.3:a:python:python:3.4.0:-:::::: cpe:2.3:a:python:python:3.4.0:alpha1:::::: cpe:2.3:a:python:python:3.4.0:alpha2:::::: cpe:2.3:a:python:python:3.4.0:alpha3:::::: cpe:2.3:a:python:python:3.4.0:alpha4:::::: cpe:2.3:a:python:python:3.4.0:beta1:::::: cpe:2.3:a:python:python:3.4.0:beta2:::::: cpe:2.3:a:python:python:3.4.0:beta3:::::: cpe:2.3:a:python:python:3.4.0:rc1:::::: cpe:2.3:a:python:python:3.4.0:rc2:::::: cpe:2.3:a:python:python:3.4.0:rc3:::::: cpe:2.3:a:python:python:3.4:alpha1:::::: cpe:2.3:a:python:python:3.3.7:-:::::: cpe:2.3:a:python:python:3.3.7:rc1:::::: cpe:2.3:a:python:python:3.3.6:rc1:::::: cpe:2.3:a:python:python:3.3.6:-:::::: cpe:2.3:a:python:python:3.3.5:rc2:::::: cpe:2.3:a:python:python:3.3.5:-:::::: cpe:2.3:a:python:python:3.3.5:rc1:::::: cpe:2.3:a:python:python:3.3.4:rc1:::::: cpe:2.3:a:python:python:3.3.4:-:::::: cpe:2.3:a:python:python:3.3.3:rc1:::::: cpe:2.3:a:python:python:3.3.3:rc2:::::: cpe:2.3:a:python:python:3.3.3:-:::::: cpe:2.3:a:python:python:3.3.2:::::::* cpe:2.3:a:python:python:3.3.1:rc1:::::: cpe:2.3:a:python:python:3.3.1:-:::::: cpe:2.3:a:python:python:3.3.0:-:::::: cpe:2.3:a:python:python:3.3.0:alpha1:::::: cpe:2.3:a:python:python:3.3.0:alpha2:::::: cpe:2.3:a:python:python:3.3.0:alpha3:::::: cpe:2.3:a:python:python:3.3.0:alpha4:::::: cpe:2.3:a:python:python:3.3.0:beta1:::::: cpe:2.3:a:python:python:3.3.0:beta2:::::: cpe:2.3:a:python:python:3.3.0:rc1:::::: cpe:2.3:a:python:python:3.3.0:rc2:::::: cpe:2.3:a:python:python:3.3.0:rc3:::::: cpe:2.3:a:python:python:3.3:beta2:::::: cpe:2.3:a:python:python:3.3:::::::* cpe:2.3:a:python:python:3.2.6:-:::::: cpe:2.3:a:python:python:3.2.6:rc1:::::: cpe:2.3:a:python:python:3.2.5:::::::* cpe:2.3:a:python:python:3.2.4:-:::::: cpe:2.3:a:python:python:3.2.4:rc1:::::: cpe:2.3:a:python:python:3.2.3:-:::::: cpe:2.3:a:python:python:3.2.3:rc1:::::: cpe:2.3:a:python:python:3.2.3:rc2:::::: cpe:2.3:a:python:python:3.2.2150:::::::* cpe:2.3:a:python:python:3.2.2:-:::::: cpe:2.3:a:python:python:3.2.2:rc1:::::: cpe:2.3:a:python:python:3.2.1:-:::::: cpe:2.3:a:python:python:3.2.1:beta1:::::: cpe:2.3:a:python:python:3.2.1:rc1:::::: cpe:2.3:a:python:python:3.2.1:rc2:::::: cpe:2.3:a:python:python:3.2.0:::::::* cpe:2.3:a:python:python:3.2:alpha:::::: cpe:2.3:a:python:python:3.2:-:::::: cpe:2.3:a:python:python:3.2:alpha1:::::: cpe:2.3:a:python:python:3.2:alpha2:::::: cpe:2.3:a:python:python:3.2:alpha3:::::: cpe:2.3:a:python:python:3.2:alpha4:::::: cpe:2.3:a:python:python:3.2:beta1:::::: cpe:2.3:a:python:python:3.2:beta2:::::: cpe:2.3:a:python:python:3.2:rc1:::::: cpe:2.3:a:python:python:3.2:rc2:::::: cpe:2.3:a:python:python:3.2:rc3:::::: cpe:2.3:a:python:python:3.1.5:-:::::: cpe:2.3:a:python:python:3.1.5:rc1:::::: cpe:2.3:a:python:python:3.1.5:rc2:::::: cpe:2.3:a:python:python:3.1.4:-:::::: cpe:2.3:a:python:python:3.1.4:rc1:::::: cpe:2.3:a:python:python:3.1.3:-:::::: cpe:2.3:a:python:python:3.1.3:rc1:::::: cpe:2.3:a:python:python:3.1.2150::::::x64: cpe:2.3:a:python:python:3.1.2:-:::::: cpe:2.3:a:python:python:3.1.2:rc1:::::: cpe:2.3:a:python:python:3.1.1:-:::::: cpe:2.3:a:python:python:3.1.1:rc1:::::: cpe:2.3:a:python:python:3.1.0:::::::* cpe:2.3:a:python:python:3.1:-:::::: cpe:2.3:a:python:python:3.1:alpha1:::::: cpe:2.3:a:python:python:3.1:alpha2:::::: cpe:2.3:a:python:python:3.1:beta1:::::: cpe:2.3:a:python:python:3.1:rc1:::::: cpe:2.3:a:python:python:3.1:rc2:::::: cpe:2.3:a:python:python:3.0.1:::::::* cpe:2.3:a:python:python:3.0.0:::::::* cpe:2.3:a:python:python:3.0:-:::::: cpe:2.3:a:python:python:3.0:alpha1:::::: cpe:2.3:a:python:python:3.0:alpha2:::::: cpe:2.3:a:python:python:3.0:alpha3:::::: cpe:2.3:a:python:python:3.0:alpha4:::::: cpe:2.3:a:python:python:3.0:alpha5:::::: cpe:2.3:a:python:python:3.0:beta1:::::: cpe:2.3:a:python:python:3.0:beta2:::::: cpe:2.3:a:python:python:3.0:beta3:::::: cpe:2.3:a:python:python:3.0:rc1:::::: cpe:2.3:a:python:python:3.0:rc2:::::: cpe:2.3:a:python:python:3.0:rc3:::::: cpe:2.3:a:python:python:2.7.9:-:::::: cpe:2.3:a:python:python:2.7.9:rc1:::::: cpe:2.3:a:python:python:2.7.8:::::::* cpe:2.3:a:python:python:2.7.7:-:::::: cpe:2.3:a:python:python:2.7.7:rc1:::::: cpe:2.3:a:python:python:2.7.6:-:::::: cpe:2.3:a:python:python:2.7.6:rc1:::::: cpe:2.3:a:python:python:2.7.5:::::::* cpe:2.3:a:python:python:2.7.4:-:::::: cpe:2.3:a:python:python:2.7.4:rc1:::::: cpe:2.3:a:python:python:2.7.3:-:::::: cpe:2.3:a:python:python:2.7.3:rc1:::::: cpe:2.3:a:python:python:2.7.3:rc2:::::: cpe:2.3:a:python:python:2.7.2150:::::::* cpe:2.3:a:python:python:2.7.2:rc1:::::: cpe:2.3:a:python:python:2.7.2:-:::::: cpe:2.3:a:python:python:2.7.16:-:::::: cpe:2.3:a:python:python:2.7.16:rc1:::::: cpe:2.3:a:python:python:2.7.16:::::::* cpe:2.3:a:python:python:2.7.15:-:::::: cpe:2.3:a:python:python:2.7.15:rc1:::::: cpe:2.3:a:python:python:2.7.14:-:::::: cpe:2.3:a:python:python:2.7.14:rc1:::::: cpe:2.3:a:python:python:2.7.13:-:::::: cpe:2.3:a:python:python:2.7.13:rc1:::::: cpe:2.3:a:python:python:2.7.12:-:::::: cpe:2.3:a:python:python:2.7.12:rc1:::::: cpe:2.3:a:python:python:2.7.1150:::::::* cpe:2.3:a:python:python:2.7.1150::::::x64: cpe:2.3:a:python:python:2.7.11:-:::::: cpe:2.3:a:python:python:2.7.11:rc1:::::: cpe:2.3:a:python:python:2.7.10:-:::::: cpe:2.3:a:python:python:2.7.10:rc1:::::: cpe:2.3:a:python:python:2.7.1:-:::::: cpe:2.3:a:python:python:2.7.1:rc1:::::: cpe:2.3:a:python:python:2.7.0:::::::* cpe:2.3:a:python:python:2.6.9:::::::* cpe:2.3:a:python:python:2.6.8:::::::* cpe:2.3:a:python:python:2.6.7:::::::* cpe:2.3:a:python:python:2.6.6150:::::::* cpe:2.3:a:python:python:2.6.6:::::::* cpe:2.3:a:python:python:2.6.5:::::::* cpe:2.3:a:python:python:2.6.4:::::::* cpe:2.3:a:python:python:2.6.3:::::::* cpe:2.3:a:python:python:2.6.2150:::::::* cpe:2.3:a:python:python:2.6.2:::::::* cpe:2.3:a:python:python:2.6.1:::::::* cpe:2.3:a:python:python:2.6.0:::::::* cpe:2.3:a:python:python:2.5.6:::::::* cpe:2.3:a:python:python:2.5.5:::::::* cpe:2.3:a:python:python:2.5.4:::::::* cpe:2.3:a:python:python:2.5.3:::::::* cpe:2.3:a:python:python:2.5.2:::::::* cpe:2.3:a:python:python:2.5.150:::::::* cpe:2.3:a:python:python:2.5.1:::::::* cpe:2.3:a:python:python:2.5.0:::::::* cpe:2.3:a:python:python:2.4.6:::::::* cpe:2.3:a:python:python:2.4.5:::::::* cpe:2.3:a:python:python:2.4.4:::::::* cpe:2.3:a:python:python:2.4.3:::::::* cpe:2.3:a:python:python:2.4.2:::::::* cpe:2.3:a:python:python:2.4.1:::::::* cpe:2.3:a:python:python:2.4.0:::::::* cpe:2.3:a:python:python:2.3.7:::::::* cpe:2.3:a:python:python:2.3.6:::::::* cpe:2.3:a:python:python:2.3.5:::::::* cpe:2.3:a:python:python:2.3.4:::::::* cpe:2.3:a:python:python:2.3.3:::::::* cpe:2.3:a:python:python:2.3.2:::::::* cpe:2.3:a:python:python:2.3.1:::::::* cpe:2.3:a:python:python:2.3.0:::::::* cpe:2.3:a:python:python:2.2.3:::::::* cpe:2.3:a:python:python:2.2.2:::::::* cpe:2.3:a:python:python:2.2.1:::::::* cpe:2.3:a:python:python:2.2.0:::::::* cpe:2.3:a:python:python:2.2:::::::* cpe:2.3:a:python:python:2.1.3:::::::* cpe:2.3:a:python:python:2.1.2:::::::* cpe:2.3:a:python:python:2.1.1:::::::* cpe:2.3:a:python:python:2.1:::::::* cpe:2.3:a:python:python:2.0.1:::::::* cpe:2.3:a:python:python:2.0:::::::* cpe:2.3:a:python:python:1.6.1:::::::* cpe:2.3:a:python:python:1.6:::::::* cpe:2.3:a:python:python:1.5.2:::::::* cpe:2.3:a:python:python:1.3:::::::* cpe:2.3:a:python:python:1.2:::::::* cpe:2.3:a:python:python:0.9.1:::::::* cpe:2.3:a:python:python:0.9.0:::::::* cpe:2.3:a:python:python:::::::: cpe:2.3:a:python:python:-:::::::*	227
Application	Redhat Jboss Enterprise Application Platform cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*	1
Application	Redhat Jboss Enterprise Web Server cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:::::::* cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.0:::::::*	2
Application	Redhat Jboss Web Server cpe:2.3:a:redhat:jboss_web_server:3.0:::::::*	1
Os	Redhat Enterprise Linux cpe:2.3:o:redhat:enterprise_linux:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*	3

Snort® IPS/IDS

Date	Description
2016-10-18	SSH weak blowfish cipher suite use attempt RuleID : 40190 - Revision : 2 - Type : POLICY-OTHER
2016-10-18	SSH weak 3DES cipher suite use attempt RuleID : 40189 - Revision : 2 - Type : POLICY-OTHER
2016-10-18	SSL weak 3DES cipher suite use attempt RuleID : 40188 - Revision : 2 - Type : POLICY-OTHER
2016-10-18	SSL weak 3DES cipher suite use attempt RuleID : 40187 - Revision : 2 - Type : POLICY-OTHER
2016-10-18	SSL weak 3DES cipher suite use attempt RuleID : 40186 - Revision : 2 - Type : POLICY-OTHER

Nessus® Vulnerability Scanner

Date	Description
2018-07-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-2123.nasl - Type : ACT_GATHER_INFO
2018-02-28	Name : The version of Arista Networks EOS running on the remote device is affected b... File : arista_eos_sa0024.nasl - Type : ACT_GATHER_INFO
2018-02-28	Name : The version of Arista Networks EOS running on the remote device is affected b... File : arista_eos_sa0024_4_17.nasl - Type : ACT_GATHER_INFO
2017-11-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-3240.nasl - Type : ACT_GATHER_INFO
2017-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-3113.nasl - Type : ACT_GATHER_INFO
2017-09-20	Name : The remote VMware ESXi 6.0 host is affected by multiple vulnerabilities. File : vmware_esxi_6_0_build_5485776_remote.nasl - Type : ACT_GATHER_INFO
2017-09-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2709.nasl - Type : ACT_GATHER_INFO
2017-09-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2710.nasl - Type : ACT_GATHER_INFO
2017-09-13	Name : The version of Java SDK installed on the remote AIX host is affected by multi... File : aix_java_jan2017_advisory.nasl - Type : ACT_GATHER_INFO
2017-07-20	Name : A web application installed on the remote host is affected by multiple vulner... File : oracle_e-business_cpu_jul_2017.nasl - Type : ACT_GATHER_INFO
2017-07-20	Name : The remote database server is affected by multiple vulnerabilities. File : oracle_rdbms_cpu_jul_2017.nasl - Type : ACT_GATHER_INFO
2017-07-13	Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-0180.nasl - Type : ACT_GATHER_INFO
2017-07-13	Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-0269.nasl - Type : ACT_GATHER_INFO
2017-07-06	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201707-01.nasl - Type : ACT_GATHER_INFO
2017-06-26	Name : The Tenable SecurityCenter application on the remote host contains an OpenSSL... File : securitycenter_openssl_1_0_1u.nasl - Type : ACT_GATHER_INFO
2017-05-31	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-1444-1.nasl - Type : ACT_GATHER_INFO
2017-05-24	Name : A database server installed on the remote host is affected by multiple vulner... File : ibm_informix_server_swg22002897.nasl - Type : ACT_GATHER_INFO
2017-05-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-1216.nasl - Type : ACT_GATHER_INFO
2017-05-02	Name : An application installed on the remote host is affected by multiple vulnerabi... File : oracle_secure_global_desktop_apr_2017_cpu.nasl - Type : ACT_GATHER_INFO
2017-05-01	Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2016-1090.nasl - Type : ACT_GATHER_INFO
2017-05-01	Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1015.nasl - Type : ACT_GATHER_INFO
2017-05-01	Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1016.nasl - Type : ACT_GATHER_INFO
2017-05-01	Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1027.nasl - Type : ACT_GATHER_INFO
2017-05-01	Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1028.nasl - Type : ACT_GATHER_INFO
2017-04-28	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-3270-1.nasl - Type : ACT_GATHER_INFO
2017-04-21	Name : An enterprise management application installed on the remote host is affected... File : oracle_enterprise_manager_apr_2017_cpu.nasl - Type : ACT_GATHER_INFO
2017-03-30	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0839-1.nasl - Type : ACT_GATHER_INFO
2017-03-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0716-1.nasl - Type : ACT_GATHER_INFO
2017-03-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0719-1.nasl - Type : ACT_GATHER_INFO
2017-03-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0720-1.nasl - Type : ACT_GATHER_INFO
2017-03-09	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0462.nasl - Type : ACT_GATHER_INFO
2017-03-02	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13167034.nasl - Type : ACT_GATHER_INFO
2017-03-01	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0336.nasl - Type : ACT_GATHER_INFO
2017-03-01	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0337.nasl - Type : ACT_GATHER_INFO
2017-03-01	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0338.nasl - Type : ACT_GATHER_INFO
2017-02-21	Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-278.nasl - Type : ACT_GATHER_INFO
2017-02-21	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0490-1.nasl - Type : ACT_GATHER_INFO
2017-02-16	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3198-1.nasl - Type : ACT_GATHER_INFO
2017-02-15	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2017-797.nasl - Type : ACT_GATHER_INFO
2017-02-15	Name : An application running on the remote host is affected by multiple vulnerabili... File : nessus_tns_2016_16.nasl - Type : ACT_GATHER_INFO
2017-02-15	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0460-1.nasl - Type : ACT_GATHER_INFO
2017-02-14	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2017-0269.nasl - Type : ACT_GATHER_INFO
2017-02-14	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-0269.nasl - Type : ACT_GATHER_INFO
2017-02-13	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0269.nasl - Type : ACT_GATHER_INFO
2017-02-13	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20170213_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2017-02-09	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3194-1.nasl - Type : ACT_GATHER_INFO
2017-02-06	Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-201.nasl - Type : ACT_GATHER_INFO
2017-02-01	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0346-1.nasl - Type : ACT_GATHER_INFO
2017-01-27	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2017-791.nasl - Type : ACT_GATHER_INFO
2017-01-26	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201701-65.nasl - Type : ACT_GATHER_INFO
2017-01-26	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3179-1.nasl - Type : ACT_GATHER_INFO
2017-01-25	Name : A web application running on the remote host is affected by multiple vulnerab... File : mysql_enterprise_monitor_3_1_5_7958.nasl - Type : ACT_GATHER_INFO
2017-01-25	Name : A web application running on the remote host is affected by multiple vulnerab... File : mysql_enterprise_monitor_3_2_5_1141.nasl - Type : ACT_GATHER_INFO
2017-01-25	Name : A web application running on the remote host is affected by multiple vulnerab... File : mysql_enterprise_monitor_3_3_1_1112.nasl - Type : ACT_GATHER_INFO
2017-01-25	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20170120_java_1_8_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-01-23	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2017-0180.nasl - Type : ACT_GATHER_INFO
2017-01-23	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-0180.nasl - Type : ACT_GATHER_INFO
2017-01-23	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0180.nasl - Type : ACT_GATHER_INFO
2017-01-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0175.nasl - Type : ACT_GATHER_INFO
2017-01-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0176.nasl - Type : ACT_GATHER_INFO
2017-01-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0177.nasl - Type : ACT_GATHER_INFO
2017-01-19	Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_jan_2017.nasl - Type : ACT_GATHER_INFO
2017-01-19	Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_jan_2017_unix.nasl - Type : ACT_GATHER_INFO
2017-01-06	Name : A vulnerability scanner installed on the remote host is affected by multiple ... File : pvs_5_2_0.nasl - Type : ACT_GATHER_INFO
2017-01-05	Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10759.nasl - Type : ACT_GATHER_INFO
2016-12-29	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2016-363-01.nasl - Type : ACT_GATHER_INFO
2016-12-27	Name : An application running on the remote web server is affected by multiple vulne... File : ibm_bigfix_remote_control_9_1_3.nasl - Type : ACT_GATHER_INFO
2016-12-07	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201612-16.nasl - Type : ACT_GATHER_INFO
2016-11-22	Name : The remote AIX host has a version of OpenSSL installed that is affected by mu... File : aix_openssl_advisory21.nasl - Type : ACT_GATHER_INFO
2016-11-01	Name : The remote service supports the use of 64-bit block ciphers. File : ssl_64bitblock_supported_ciphers.nasl - Type : ACT_GATHER_INFO
2016-10-21	Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_6_34_rpm.nasl - Type : ACT_GATHER_INFO
2016-10-21	Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_7_16_rpm.nasl - Type : ACT_GATHER_INFO
2016-10-20	Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_6_34.nasl - Type : ACT_GATHER_INFO
2016-10-20	Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_7_16.nasl - Type : ACT_GATHER_INFO
2016-10-17	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1189.nasl - Type : ACT_GATHER_INFO
2016-10-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2016-3627.nasl - Type : ACT_GATHER_INFO
2016-10-17	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2016-0141.nasl - Type : ACT_GATHER_INFO
2016-10-13	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2016-755.nasl - Type : ACT_GATHER_INFO
2016-10-12	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1172.nasl - Type : ACT_GATHER_INFO
2016-10-07	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2468-1.nasl - Type : ACT_GATHER_INFO
2016-10-06	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2458-1.nasl - Type : ACT_GATHER_INFO
2016-09-30	Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_1u.nasl - Type : ACT_GATHER_INFO
2016-09-30	Name : The remote service is affected by multiple vulnerabilities. File : openssl_1_0_2i.nasl - Type : ACT_GATHER_INFO
2016-09-29	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20160927_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-09-28	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2016-1940.nasl - Type : ACT_GATHER_INFO
2016-09-28	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1130.nasl - Type : ACT_GATHER_INFO
2016-09-28	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1134.nasl - Type : ACT_GATHER_INFO
2016-09-28	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2016-1940.nasl - Type : ACT_GATHER_INFO
2016-09-28	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2016-0135.nasl - Type : ACT_GATHER_INFO
2016-09-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-1940.nasl - Type : ACT_GATHER_INFO
2016-09-28	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2394-1.nasl - Type : ACT_GATHER_INFO
2016-09-27	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2387-1.nasl - Type : ACT_GATHER_INFO
2016-09-26	Name : The remote Debian host is missing a security update. File : debian_DLA-637.nasl - Type : ACT_GATHER_INFO
2016-09-26	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-3087-2.nasl - Type : ACT_GATHER_INFO
2016-09-23	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2016-266-01.nasl - Type : ACT_GATHER_INFO
2016-09-23	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3673.nasl - Type : ACT_GATHER_INFO
2016-09-23	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_43eaa65680bc11e6bf52b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2016-09-23	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-3087-1.nasl - Type : ACT_GATHER_INFO
2016-08-25	Name : The service running on the remote host uses a weak encryption block cipher by... File : openssl_1_1_0.nasl - Type : ACT_GATHER_INFO
2016-07-25	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_jul_2016.nasl - Type : ACT_GATHER_INFO
2015-10-23	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_oct_2015.nasl - Type : ACT_GATHER_INFO
2015-01-27	Name : The remote web server is affected by multiple vulnerabilities. File : oracle_http_server_cpu_jan_2015.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2020-03-19 13:18:24	First insertion

Global Informations

Type	Count
CWE ID(s)	1
CPE ID(s)	415
Snort® Rule(s)	5
Nessus® Exploit(s)	102

	Related
7.5	CVE-2016-2183
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

5 - RHSA-2019:1245

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU