Red Hat JBoss Multiple Vulnerabilities
Last Update Date: 13 May 2020 09:58
Release Date: 13 May 2020
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in Red Hat JBoss. A remote attacker could exploit some of these vulnerabilities to trigger a denial of service condition, remote code execution and cross-site scripting, and to bypass security restrictions on the targeted system.
Impact
- Cross-Site Scripting
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6 x86_64
- Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7 x86_64
- Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8 x86_64
- Red Hat JBoss Enterprise Application Platform Text-Only Advisories x86_64
Solutions
Before installing the software, please visit the vendor website for more details.
- Apply fixes issued by the vendor:
https://access.redhat.com/articles/11258
Vulnerability Identifier
- CVE-2018-14371
- CVE-2019-10172
- CVE-2019-10174
- CVE-2019-12423
- CVE-2019-17573
- CVE-2020-10705
- CVE-2020-10719
- CVE-2020-1719
- CVE-2020-1729
- CVE-2020-1732
- CVE-2020-1745
- CVE-2020-1757
- CVE-2020-7226
Related Link
- https://access.redhat.com/errata/RHSA-2020:2058
- https://access.redhat.com/errata/RHSA-2020:2059
- https://access.redhat.com/errata/RHSA-2020:2060
- https://access.redhat.com/errata/RHSA-2020:2061
- https://access.redhat.com/errata/RHSA-2020:2062
- https://access.redhat.com/errata/RHSA-2020:2063
- https://www.auscert.org.au/bulletins/ESB-2020.1655/
- https://www.auscert.org.au/bulletins/ESB-2020.1656/
- https://www.auscert.org.au/bulletins/ESB-2020.1658/
- https://www.auscert.org.au/bulletins/ESB-2020.1659/
- https://www.auscert.org.au/bulletins/ESB-2020.1660/