CVSS: 7.5EPSS: 8%CPEs: 7EXPL: 0CVE-2017-2670 – undertow: IO thread DoS via unclean Websocket closing
https://notcve.org/view.php?id=CVE-2017-2670
07 Jun 2017 — It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS. Se ha encontrado en Undertow en versiones anteriores a la 1.3.28 que con el cierre no seguro de TCP, el servidor Websocket entra en bucle infinito en cada hilo IO, provocando efectivamente una denegación de servicio (DoS). It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS.... • http://rhn.redhat.com/errata/RHSA-2017-1409.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-8656 – jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
https://notcve.org/view.php?id=CVE-2016-8656
03 Feb 2017 — Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation. Jboss jbossas en versiones anteriores a la 5.2.0-23, 6.4.13 y 7.0.5 es vulnerable a una gestión insegura de archivos en el script init de jboss, lo que podría resultar en un escalado de privilegios local. It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. Red Hat JBo... • http://rhn.redhat.com/errata/RHSA-2017-0244.html • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-8627 – admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files
https://notcve.org/view.php?id=CVE-2016-8627
19 Jan 2017 — admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired. admin-cli, en versiones anteriores a la 3.0.0.alpha25 y 2.2.1.cr2, es vulnerable a que una característica EAP descargue archivos de registro del servidor, ... • http://rhn.redhat.com/errata/RHSA-2017-0170.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7061 – EAP: Sensitive data can be exposed at the server level in domain mode
https://notcve.org/view.php?id=CVE-2016-7061
19 Jan 2017 — An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. Se ha detectado una vulnerabilidad de divulgación de información en JBoss Enterprise Application Platform en versiones anteriores a la 7.0.4. Se ha descubierto que, al configurar RBAC y marcar información como sensible, los usuarios con rol Monitor puede... • http://rhn.redhat.com/errata/RHSA-2017-0170.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 1%CPEs: 10EXPL: 0CVE-2016-4978 – Artemis: Deserialization of untrusted input vulnerability
https://notcve.org/view.php?id=CVE-2016-4978
27 Sep 2016 — The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath. El método getObject de la clase javax.jms.ObjectMessage en el (1) cliente JMS Core, (2) broker Artemis y (3) com... • http://mail-archives.apache.org/mod_mbox/activemq-users/201609.mbox/%3CCAH6wpnqzeNtpykT7emtDU1-GV7AvjFP5-YroWcCC4UZyQEFvtA%40mail.gmail.com%3E • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-5406 – EAP7 Privilege escalation when managing domain including earlier version slaves
https://notcve.org/view.php?id=CVE-2016-5406
08 Sep 2016 — The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves. El controlador de dominios en Red Hat JBoss Enterprise Application Platform (EAP) 7.x en versiones anteriores a 7.0.2 permite a usuarios remotos autenticados obtener privilegios aprovechando el fallo de propagación de configuración RBAC administrativa a todos los esclavos. The dom... • http://rhn.redhat.com/errata/RHSA-2016-1838.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4993 – eap: HTTP header injection / response splitting
https://notcve.org/view.php?id=CVE-2016-4993
08 Sep 2016 — CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF en el servidor web Undertow en WildFly 10.0.0, tal como se utiliza en Red Hat JBoss Enterprise Application Platform (EAP) 7.x en versiones anteriores a 7.0.2, permite a atacantes remotos inyectar c... • http://rhn.redhat.com/errata/RHSA-2016-1838.html • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2016-2141 – JGroups: Authorization bypass
https://notcve.org/view.php?id=CVE-2016-2141
24 Jun 2016 — It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. JGroups en versiones anteriores a 4.0 no solicita las cabeceras adecuadas para los protocolos ENCRYPT y AUTH desde los nodos uniéndose al grupo, lo que permite a ... • http://rhn.redhat.com/errata/RHSA-2016-1435.html •