CVE-2016-5406 – EAP7 Privilege escalation when managing domain including earlier version slaves
https://notcve.org/view.php?id=CVE-2016-5406
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves. El controlador de dominios en Red Hat JBoss Enterprise Application Platform (EAP) 7.x en versiones anteriores a 7.0.2 permite a usuarios remotos autenticados obtener privilegios aprovechando el fallo de propagación de configuración RBAC administrativa a todos los esclavos. The domain controller will not propagate its administrative RBAC configuration to some slaves. An attacker could use this to escalate their privileges. • http://rhn.redhat.com/errata/RHSA-2016-1838.html http://rhn.redhat.com/errata/RHSA-2016-1839.html http://rhn.redhat.com/errata/RHSA-2016-1840.html http://rhn.redhat.com/errata/RHSA-2016-1841.html https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/errata/RHSA-2017:3455 https://access.redhat.com/errata/RHSA-2017:3456 https://access.redhat.com/errata/RHSA-2017:3458 https://bugzilla.redhat.com/show_bug.cgi?id=1359014 https://access.redhat.c • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-4993 – eap: HTTP header injection / response splitting
https://notcve.org/view.php?id=CVE-2016-4993
CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF en el servidor web Undertow en WildFly 10.0.0, tal como se utiliza en Red Hat JBoss Enterprise Application Platform (EAP) 7.x en versiones anteriores a 7.0.2, permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separación de respuesta HTTP a través de vectores no especificados. It was reported that EAP 7 Application Server/Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization and validation of user input before the input is used as part of an HTTP header value. • http://rhn.redhat.com/errata/RHSA-2016-1838.html http://rhn.redhat.com/errata/RHSA-2016-1839.html http://rhn.redhat.com/errata/RHSA-2016-1840.html http://rhn.redhat.com/errata/RHSA-2016-1841.html http://www.securityfocus.com/bid/92894 http://www.securitytracker.com/id/1036758 https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/errata/RHSA-2017:3455 https://access.redhat.com/errata/RHSA-2017:3456 https://access.redhat.com/errata/RHSA-2017: • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVE-2016-2141 – JGroups: Authorization bypass
https://notcve.org/view.php?id=CVE-2016-2141
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. JGroups en versiones anteriores a 4.0 no solicita las cabeceras adecuadas para los protocolos ENCRYPT y AUTH desde los nodos uniéndose al grupo, lo que permite a atacantes remotos eludir las restricciones de seguridad y enviar y recibir mensajes dentro del grupo a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2016-1435.html http://rhn.redhat.com/errata/RHSA-2016-1439.html http://rhn.redhat.com/errata/RHSA-2016-2035.html http://www.securityfocus.com/bid/91481 http://www.securitytracker.com/id/1036165 https://access.redhat.com/errata/RHSA-2016:1345 https://access.redhat.com/errata/RHSA-2016:1346 https://access.redhat.com/errata/RHSA-2016:1347 https://access.redhat.com/errata/RHSA-2016:1374 https://access.redhat.com/errata/RHSA-2016:1376& •