Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2020-28052 CVE-2022-41853 CVE-2024-28752 CVE-2022-23221 CVE-2022-46364 CVE-2022-34169 CVE-2023-26464 CVE-2023-5685 CVE-2023-3171 CVE-2020-7238 CVE-2023-39410 CVE-2024-47561 |
| CWE-ID | CWE-1025 CWE-749 CWE-918 CWE-502 CWE-20 CWE-400 CWE-444 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #6 is available. |
| Vulnerable software |
JBoss Enterprise Application Platform Server applications / Application servers eap7-xalan-j2 (Red Hat package) Operating systems & Components / Operating system package or component eap7-wildfly (Red Hat package) Operating systems & Components / Operating system package or component eap7-jboss-xnio-base (Red Hat package) Operating systems & Components / Operating system package or component eap7-jboss-marshalling (Red Hat package) Operating systems & Components / Operating system package or component eap7-jackson-databind (Red Hat package) Operating systems & Components / Operating system package or component eap7-h2database (Red Hat package) Operating systems & Components / Operating system package or component eap7-bouncycastle (Red Hat package) Operating systems & Components / Operating system package or component eap7-avro (Red Hat package) Operating systems & Components / Operating system package or component eap7-apache-cxf (Red Hat package) Operating systems & Components / Operating system package or component |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) Comparison using wrong factors
EUVDB-ID: #VU49086
Risk: High
CVSSv4.0: 8.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2020-28052
CWE-ID:
CWE-1025 - Comparison using wrong factors
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to brute-force password hashes.
The vulnerability exists due to comparison error in OpenBSDBCrypt.checkPassword() function in core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java when matching passwords with hashes. A remote attacker can pass an incorrect password that will be accepted as a valid one by the library, bypass authentication process and gain unauthorized access to the application that uses vulnerable version of Bouncy Castle.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Exposed dangerous method or function
EUVDB-ID: #VU69302
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2022-41853
CWE-ID:
CWE-749 - Exposed Dangerous Method or Function
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to missing authorization when using java.sql.Statement or java.sql.PreparedStatement in hsqldb. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU87567
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-28752
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input in Aegis DataBinding. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Deserialization of Untrusted Data
EUVDB-ID: #VU61938
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-23221
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data within jdbc:h2:mem. A remote attacker can pass specially crafted JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU70444
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-46364
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input when parsing the href attribute of XOP:Include in MTOM requests. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU65495
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2022-34169
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to compromise the affected system.
The vulnerability exists due to an integer truncation issue when processing malicious XSLT stylesheets. A remote non-authenticated attacker can pass specially crafted data to the application to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.
Install updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
7) Resource exhaustion
EUVDB-ID: #VU73244
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-26464
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (i.e., deeply nested) hashmap or hashtable (depending on which logging component is in use) to be processed can exhaust the available memory in the virtual machine and achieve denial of service when the object is deserialized.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Resource exhaustion
EUVDB-ID: #VU93103
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-5685
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in NotifierState, when the chain of notifier states becomes problematically large. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Resource exhaustion
EUVDB-ID: #VU82197
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-3171
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. A remote attacker can send specially crafted requests using these classes to trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU25353
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-7238
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform HTTP request smuggling attack.
The vulnerability exists due to improper input validation when processing a whitespace before the colon in HTTP headers (e.g. "Transfer-Encoding : chunked") and a later Content-Length header. A remote attacker can send a specially crafted HTTP request and perform HTTP request smuggling attack.
This issue exists because of an incomplete fix for CVE-2019-16869 (SB2019092616).
Install updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Deserialization of Untrusted Data
EUVDB-ID: #VU83219
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-39410
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to reader can consume memory beyond the allowed constraints and thus lead to out of memory on the system, when deserializing untrusted or corrupted data. A remote attacker can pass specially crafted data to the application and perform a denial of service attack.
MitigationInstall updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Input validation error
EUVDB-ID: #VU98024
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-47561
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input when parsing schema in Java SDK. A remote attacker can pass specially crafted schema to the application and execute arbitrary code on the system.
Install updates from vendor's website.
JBoss Enterprise Application Platform: 7.1.0 - 7.1.7
eap7-xalan-j2 (Red Hat package): before 2.7.1-26.redhat_00015.1.ep7.el7
eap7-wildfly (Red Hat package): before 7.1.8-2.GA_redhat_00002.1.ep7.el7
eap7-jboss-xnio-base (Red Hat package): before 3.5.10-1.Final_redhat_00001.1.ep7.el7
eap7-jboss-marshalling (Red Hat package): before 2.0.15-1.Final_redhat_00001.1.ep7.el7
eap7-jackson-databind (Red Hat package): before 2.8.11.6-1.SP1_redhat_00001.1.ep7.el7
eap7-h2database (Red Hat package): before 1.4.197-2.redhat_00005.1.ep7.el7
eap7-bouncycastle (Red Hat package): before 1.68.0-1.redhat_00005.1.ep7.el7
eap7-avro (Red Hat package): before 1.7.6-2.redhat_00003.1.ep7.el7
eap7-apache-cxf (Red Hat package): before 3.1.16-3.SP1_redhat_00001.1.ep7.el7
CPE2.3- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:red_hat:jboss_enterprise_application_platform:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:eap7-xalan-j2_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-wildfly_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-xnio-base_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jboss-marshalling_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-jackson-databind_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-h2database_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-bouncycastle_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-avro_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:eap7-apache-cxf_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
http://access.redhat.com/errata/RHSA-2024:10208
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
