Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-7061 (GCVE-0-2016-7061)
Vulnerability from cvelistv5 – Published: 2018-09-10 16:00 – Updated: 2024-08-06 01:50
VLAI?
EPSS
Summary
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
Severity ?
CWE
Assigner
References
15 references
Date Public ?
2016-11-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0250",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"
},
{
"name": "RHSA-2017:0171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0171.html"
},
{
"name": "RHSA-2017:3458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "RHSA-2017:0244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"
},
{
"name": "RHSA-2017:0172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0172.html"
},
{
"name": "RHSA-2017:0246",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"
},
{
"name": "RHSA-2017:3455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "RHSA-2017:3456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061"
},
{
"name": "94222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94222"
},
{
"name": "RHSA-2017:3454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "RHSA-2017:0170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0170.html"
},
{
"name": "RHSA-2017:0245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"
},
{
"name": "RHSA-2017:0247",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"
},
{
"name": "RHSA-2017:0173",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0173.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EAP",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "7.0.4"
}
]
}
],
"datePublic": "2016-11-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-11T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:0250",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"
},
{
"name": "RHSA-2017:0171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0171.html"
},
{
"name": "RHSA-2017:3458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "RHSA-2017:0244",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"
},
{
"name": "RHSA-2017:0172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0172.html"
},
{
"name": "RHSA-2017:0246",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"
},
{
"name": "RHSA-2017:3455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "RHSA-2017:3456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061"
},
{
"name": "94222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94222"
},
{
"name": "RHSA-2017:3454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "RHSA-2017:0170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0170.html"
},
{
"name": "RHSA-2017:0245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"
},
{
"name": "RHSA-2017:0247",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"
},
{
"name": "RHSA-2017:0173",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0173.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-7061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EAP",
"version": {
"version_data": [
{
"version_value": "7.0.4"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
[
{
"vectorString": "4.0/AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0250",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"
},
{
"name": "RHSA-2017:0171",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0171.html"
},
{
"name": "RHSA-2017:3458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "RHSA-2017:0244",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"
},
{
"name": "RHSA-2017:0172",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0172.html"
},
{
"name": "RHSA-2017:0246",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"
},
{
"name": "RHSA-2017:3455",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "RHSA-2017:3456",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061"
},
{
"name": "94222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94222"
},
{
"name": "RHSA-2017:3454",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "RHSA-2017:0170",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0170.html"
},
{
"name": "RHSA-2017:0245",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"
},
{
"name": "RHSA-2017:0247",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"
},
{
"name": "RHSA-2017:0173",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0173.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-7061",
"datePublished": "2018-09-10T16:00:00.000Z",
"dateReserved": "2016-08-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:50:47.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-7061",
"date": "2026-05-21",
"epss": "0.0056",
"percentile": "0.68515"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.0.4\", \"matchCriteriaId\": \"447E81F4-FF99-4844-A2CB-8F7EE76826CA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado una vulnerabilidad de divulgaci\\u00f3n de informaci\\u00f3n en JBoss Enterprise Application Platform en versiones anteriores a la 7.0.4. Se ha descubierto que, al configurar RBAC y marcar informaci\\u00f3n como sensible, los usuarios con rol Monitor pueden visualizar dicha informaci\\u00f3n sensible\"}]",
"id": "CVE-2016-7061",
"lastModified": "2024-11-21T02:57:22.850",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N\", \"baseScore\": 3.5, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-09-10T16:29:00.667",
"references": "[{\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0170.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0171.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0172.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0173.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0244.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0245.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0246.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0247.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0250.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94222\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3454\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3455\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3456\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3458\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0170.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0171.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0172.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0173.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0244.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0245.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0246.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0247.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0250.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94222\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3454\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3455\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3456\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3458\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-7061\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-09-10T16:29:00.667\",\"lastModified\":\"2024-11-21T02:57:22.850\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en JBoss Enterprise Application Platform en versiones anteriores a la 7.0.4. Se ha descubierto que, al configurar RBAC y marcar informaci\u00f3n como sensible, los usuarios con rol Monitor pueden visualizar dicha informaci\u00f3n sensible\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":3.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.0.4\",\"matchCriteriaId\":\"447E81F4-FF99-4844-A2CB-8F7EE76826CA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0170.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0171.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0172.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0173.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0244.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0245.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0246.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0247.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0250.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94222\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3454\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3455\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3456\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3458\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0170.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0171.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0172.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0173.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0244.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0245.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0246.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0250.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94222\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3454\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3455\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3458\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2020-AVI-015
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Juniper Networks SBR Carrier versions 8.5.x antérieures à 8.5.0R4 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2 et 19.3 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1X53-D12 sur séries QFX5100 et EX4600 | ||
| Juniper Networks | N/A | Juniper Networks Contrail Networking versions antérieures à R1912 | ||
| Juniper Networks | N/A | Juniper Networks SBR Carrier versions antérieures à 8.4.1R19 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 19.4R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 17.2R3-S3, 17.3R2-S5, 17.3R3-S5, 17.4R2-S7, 17.4R3, 18.1R3-S6, 18.2R3-S2, 18.2X75-D51, 18.2X75-D60, 18.3R3, 18.4R2, 19.1R1-S3, 19.1R2, 19.2R1-S2, 19.2R2 et 19.3R1 sur séries MX | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1X53-D48, 15.1R7-S3, 16.1R7, 17.1R3, 17.2R3, 17.3R2-S5, 17.3R3, 17.4R2, 18.1R3, 18.2R2 et 18.3R1 sur série EX4300 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1X53-D52 sur séries QFX3500 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S13, 12.3R12-S15, 12.3X48-D85, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13, 15.1F6-S13,15.1R7-S5, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1X49-D180, 15.1X49-D181, 15.1X49-D190, 15.1X49-D200, 15.1X53-D238, 15.1X53-D496, 15.1X53-D592, 16.1R4-S13, 16.1R7-S4, 16.1R7-S5, 16.1R7-S6, 16.2R2-S10, 16.2R2-S10,17.1R2-S11, 16.2R2-S11, 16.2R2-S9, 17.1R2-S11, 17.1R3, 17.1R3-S1, 17.2R1-S9, 17.2R2-S8, 17.2R3-S2, 17.2R3-S3, 17.3R2-S5, 17.3R2-S6, 17.3R3-S3, 17.3R3-S5, 17.3R3-S6, 17.3R3-S7, 17.4R2-S2, 17.4R2-S4, 17.4R2-S5, 17.4R2-S6, 17.4R2-S9, 17.4R3, 18.1R3-S2, 18.1R3-S5, 18.1R3-S7, 18.1R3-S7,18.2R2-S5, 18.1R3-S8, 18.2R2-S6, 18.2R3, 18.2R3-S2, 18.2X75-D40, 18.2X75-D410, 18.2X75-D50, 18.3R1-S6, 18.3R2, 18.3R2-S1, 18.3R2-S2, 18.3R2-S3, 18.3R3, 18.4R1-S2, 18.4R1-S5, 18.4R1-S6, 18.4R2, 18.4R2-S2, 18.4R3, 19.1R1, 19.1R1-S2, 19.1R1-S3, 19.1R1-S4, 19.1R2, 19.2R1, 19.2R1-S2, 19.2R2 et 19.3R1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper Networks SBR Carrier versions 8.5.x ant\u00e9rieures \u00e0 8.5.0R4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2 et 19.3",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D12 sur s\u00e9ries QFX5100 et EX4600",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 R1912",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks SBR Carrier versions ant\u00e9rieures \u00e0 8.4.1R19",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 19.4R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 17.2R3-S3, 17.3R2-S5, 17.3R3-S5, 17.4R2-S7, 17.4R3, 18.1R3-S6, 18.2R3-S2, 18.2X75-D51, 18.2X75-D60, 18.3R3, 18.4R2, 19.1R1-S3, 19.1R2, 19.2R1-S2, 19.2R2 et 19.3R1 sur s\u00e9ries MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D48, 15.1R7-S3, 16.1R7, 17.1R3, 17.2R3, 17.3R2-S5, 17.3R3, 17.4R2, 18.1R3, 18.2R2 et 18.3R1 sur s\u00e9rie EX4300",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D52 sur s\u00e9ries QFX3500",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S13, 12.3R12-S15, 12.3X48-D85, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13, 15.1F6-S13,15.1R7-S5, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1X49-D180, 15.1X49-D181, 15.1X49-D190, 15.1X49-D200, 15.1X53-D238, 15.1X53-D496, 15.1X53-D592, 16.1R4-S13, 16.1R7-S4, 16.1R7-S5, 16.1R7-S6, 16.2R2-S10, 16.2R2-S10,17.1R2-S11, 16.2R2-S11, 16.2R2-S9, 17.1R2-S11, 17.1R3, 17.1R3-S1, 17.2R1-S9, 17.2R2-S8, 17.2R3-S2, 17.2R3-S3, 17.3R2-S5, 17.3R2-S6, 17.3R3-S3, 17.3R3-S5, 17.3R3-S6, 17.3R3-S7, 17.4R2-S2, 17.4R2-S4, 17.4R2-S5, 17.4R2-S6, 17.4R2-S9, 17.4R3, 18.1R3-S2, 18.1R3-S5, 18.1R3-S7, 18.1R3-S7,18.2R2-S5, 18.1R3-S8, 18.2R2-S6, 18.2R3, 18.2R3-S2, 18.2X75-D40, 18.2X75-D410, 18.2X75-D50, 18.3R1-S6, 18.3R2, 18.3R2-S1, 18.3R2-S2, 18.3R2-S3, 18.3R3, 18.4R1-S2, 18.4R1-S5, 18.4R1-S6, 18.4R2, 18.4R2-S2, 18.4R3, 19.1R1, 19.1R1-S2, 19.1R1-S3, 19.1R1-S4, 19.1R2, 19.2R1, 19.2R1-S2, 19.2R2 et 19.3R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-12749",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12749"
},
{
"name": "CVE-2019-1125",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1125"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2019-11091",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2019-1071",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1071"
},
{
"name": "CVE-2020-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1611"
},
{
"name": "CVE-2018-1336",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1336"
},
{
"name": "CVE-2018-0739",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
},
{
"name": "CVE-2015-5621",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
},
{
"name": "CVE-2018-5743",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5743"
},
{
"name": "CVE-2014-2310",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2310"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2019-12735",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12735"
},
{
"name": "CVE-2019-11810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11810"
},
{
"name": "CVE-2020-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1606"
},
{
"name": "CVE-2007-5846",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2020-1608",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1608"
},
{
"name": "CVE-2020-1602",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1602"
},
{
"name": "CVE-2018-12127",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
},
{
"name": "CVE-2019-19919",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19919"
},
{
"name": "CVE-2017-17805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17805"
},
{
"name": "CVE-2018-17972",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17972"
},
{
"name": "CVE-2008-6123",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-6123"
},
{
"name": "CVE-2020-1601",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1601"
},
{
"name": "CVE-2017-2595",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2595"
},
{
"name": "CVE-2016-7061",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7061"
},
{
"name": "CVE-2019-5489",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5489"
},
{
"name": "CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"name": "CVE-2018-12130",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
},
{
"name": "CVE-2019-9824",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9824"
},
{
"name": "CVE-2017-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
},
{
"name": "CVE-2020-1607",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1607"
},
{
"name": "CVE-2012-6151",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
},
{
"name": "CVE-2019-14835",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14835"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2019-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1073"
},
{
"name": "CVE-2020-1604",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1604"
},
{
"name": "CVE-2016-7055",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
},
{
"name": "CVE-2018-12126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
},
{
"name": "CVE-2020-1603",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1603"
},
{
"name": "CVE-2008-4309",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4309"
},
{
"name": "CVE-2019-1559",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1559"
},
{
"name": "CVE-2014-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
},
{
"name": "CVE-2020-1609",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1609"
},
{
"name": "CVE-2020-1605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1605"
},
{
"name": "CVE-2020-1600",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1600"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-01-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10992 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10992\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10986 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10986\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10985 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10985\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10980 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10980\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10981 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10981\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10983 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10983\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10979 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10979\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10987 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10987\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10982 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10982\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10990 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10990\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10991 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10991\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10993 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10993\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2020-AVI-015
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Juniper Networks SBR Carrier versions 8.5.x antérieures à 8.5.0R4 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2 et 19.3 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1X53-D12 sur séries QFX5100 et EX4600 | ||
| Juniper Networks | N/A | Juniper Networks Contrail Networking versions antérieures à R1912 | ||
| Juniper Networks | N/A | Juniper Networks SBR Carrier versions antérieures à 8.4.1R19 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 19.4R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 17.2R3-S3, 17.3R2-S5, 17.3R3-S5, 17.4R2-S7, 17.4R3, 18.1R3-S6, 18.2R3-S2, 18.2X75-D51, 18.2X75-D60, 18.3R3, 18.4R2, 19.1R1-S3, 19.1R2, 19.2R1-S2, 19.2R2 et 19.3R1 sur séries MX | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1X53-D48, 15.1R7-S3, 16.1R7, 17.1R3, 17.2R3, 17.3R2-S5, 17.3R3, 17.4R2, 18.1R3, 18.2R2 et 18.3R1 sur série EX4300 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1X53-D52 sur séries QFX3500 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S13, 12.3R12-S15, 12.3X48-D85, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13, 15.1F6-S13,15.1R7-S5, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1X49-D180, 15.1X49-D181, 15.1X49-D190, 15.1X49-D200, 15.1X53-D238, 15.1X53-D496, 15.1X53-D592, 16.1R4-S13, 16.1R7-S4, 16.1R7-S5, 16.1R7-S6, 16.2R2-S10, 16.2R2-S10,17.1R2-S11, 16.2R2-S11, 16.2R2-S9, 17.1R2-S11, 17.1R3, 17.1R3-S1, 17.2R1-S9, 17.2R2-S8, 17.2R3-S2, 17.2R3-S3, 17.3R2-S5, 17.3R2-S6, 17.3R3-S3, 17.3R3-S5, 17.3R3-S6, 17.3R3-S7, 17.4R2-S2, 17.4R2-S4, 17.4R2-S5, 17.4R2-S6, 17.4R2-S9, 17.4R3, 18.1R3-S2, 18.1R3-S5, 18.1R3-S7, 18.1R3-S7,18.2R2-S5, 18.1R3-S8, 18.2R2-S6, 18.2R3, 18.2R3-S2, 18.2X75-D40, 18.2X75-D410, 18.2X75-D50, 18.3R1-S6, 18.3R2, 18.3R2-S1, 18.3R2-S2, 18.3R2-S3, 18.3R3, 18.4R1-S2, 18.4R1-S5, 18.4R1-S6, 18.4R2, 18.4R2-S2, 18.4R3, 19.1R1, 19.1R1-S2, 19.1R1-S3, 19.1R1-S4, 19.1R2, 19.2R1, 19.2R1-S2, 19.2R2 et 19.3R1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper Networks SBR Carrier versions 8.5.x ant\u00e9rieures \u00e0 8.5.0R4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2 et 19.3",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D12 sur s\u00e9ries QFX5100 et EX4600",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 R1912",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks SBR Carrier versions ant\u00e9rieures \u00e0 8.4.1R19",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 19.4R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 17.2R3-S3, 17.3R2-S5, 17.3R3-S5, 17.4R2-S7, 17.4R3, 18.1R3-S6, 18.2R3-S2, 18.2X75-D51, 18.2X75-D60, 18.3R3, 18.4R2, 19.1R1-S3, 19.1R2, 19.2R1-S2, 19.2R2 et 19.3R1 sur s\u00e9ries MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D48, 15.1R7-S3, 16.1R7, 17.1R3, 17.2R3, 17.3R2-S5, 17.3R3, 17.4R2, 18.1R3, 18.2R2 et 18.3R1 sur s\u00e9rie EX4300",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D52 sur s\u00e9ries QFX3500",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S13, 12.3R12-S15, 12.3X48-D85, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13, 15.1F6-S13,15.1R7-S5, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1X49-D180, 15.1X49-D181, 15.1X49-D190, 15.1X49-D200, 15.1X53-D238, 15.1X53-D496, 15.1X53-D592, 16.1R4-S13, 16.1R7-S4, 16.1R7-S5, 16.1R7-S6, 16.2R2-S10, 16.2R2-S10,17.1R2-S11, 16.2R2-S11, 16.2R2-S9, 17.1R2-S11, 17.1R3, 17.1R3-S1, 17.2R1-S9, 17.2R2-S8, 17.2R3-S2, 17.2R3-S3, 17.3R2-S5, 17.3R2-S6, 17.3R3-S3, 17.3R3-S5, 17.3R3-S6, 17.3R3-S7, 17.4R2-S2, 17.4R2-S4, 17.4R2-S5, 17.4R2-S6, 17.4R2-S9, 17.4R3, 18.1R3-S2, 18.1R3-S5, 18.1R3-S7, 18.1R3-S7,18.2R2-S5, 18.1R3-S8, 18.2R2-S6, 18.2R3, 18.2R3-S2, 18.2X75-D40, 18.2X75-D410, 18.2X75-D50, 18.3R1-S6, 18.3R2, 18.3R2-S1, 18.3R2-S2, 18.3R2-S3, 18.3R3, 18.4R1-S2, 18.4R1-S5, 18.4R1-S6, 18.4R2, 18.4R2-S2, 18.4R3, 19.1R1, 19.1R1-S2, 19.1R1-S3, 19.1R1-S4, 19.1R2, 19.2R1, 19.2R1-S2, 19.2R2 et 19.3R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-12749",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12749"
},
{
"name": "CVE-2019-1125",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1125"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2019-11091",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2019-1071",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1071"
},
{
"name": "CVE-2020-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1611"
},
{
"name": "CVE-2018-1336",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1336"
},
{
"name": "CVE-2018-0739",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
},
{
"name": "CVE-2015-5621",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
},
{
"name": "CVE-2018-5743",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5743"
},
{
"name": "CVE-2014-2310",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2310"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2019-12735",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12735"
},
{
"name": "CVE-2019-11810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11810"
},
{
"name": "CVE-2020-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1606"
},
{
"name": "CVE-2007-5846",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2020-1608",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1608"
},
{
"name": "CVE-2020-1602",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1602"
},
{
"name": "CVE-2018-12127",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
},
{
"name": "CVE-2019-19919",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19919"
},
{
"name": "CVE-2017-17805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17805"
},
{
"name": "CVE-2018-17972",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17972"
},
{
"name": "CVE-2008-6123",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-6123"
},
{
"name": "CVE-2020-1601",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1601"
},
{
"name": "CVE-2017-2595",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2595"
},
{
"name": "CVE-2016-7061",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7061"
},
{
"name": "CVE-2019-5489",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5489"
},
{
"name": "CVE-2017-12174",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
},
{
"name": "CVE-2018-12130",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
},
{
"name": "CVE-2019-9824",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9824"
},
{
"name": "CVE-2017-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
},
{
"name": "CVE-2020-1607",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1607"
},
{
"name": "CVE-2012-6151",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
},
{
"name": "CVE-2019-14835",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14835"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2019-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1073"
},
{
"name": "CVE-2020-1604",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1604"
},
{
"name": "CVE-2016-7055",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
},
{
"name": "CVE-2018-12126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
},
{
"name": "CVE-2020-1603",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1603"
},
{
"name": "CVE-2008-4309",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4309"
},
{
"name": "CVE-2019-1559",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1559"
},
{
"name": "CVE-2014-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
},
{
"name": "CVE-2020-1609",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1609"
},
{
"name": "CVE-2020-1605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1605"
},
{
"name": "CVE-2020-1600",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1600"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-01-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10992 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10992\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10986 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10986\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10985 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10985\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10980 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10980\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10981 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10981\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10983 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10983\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10979 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10979\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10987 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10987\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10982 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10982\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10990 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10990\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10991 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10991\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10993 du 08 janvier 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10993\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CNVD-2016-11247
Vulnerability from cnvd - Published: 2016-11-18
VLAI Severity ?
Title
Redhat JBoss Enterprise Application Platform信息泄露漏洞
Description
Red Hat JBoss Enterprise Application Platform(EAP)是美国红帽(Red Hat)公司的一套开源、基于J2EE的中间件平台,它主要用于构建、部署和托管Java应用程序与服务。WildFly是一款基于JavaEE的开源应用服务器。
Redhat JBoss Enterprise Application Platform存在信息披露漏洞。攻击者可以利用该漏洞获取到敏感信息,有助于进一步的攻击。
Severity
低
Patch Name
Redhat JBoss Enterprise Application Platform信息泄露漏洞的补丁
Patch Description
Red Hat JBoss Enterprise Application Platform(EAP)是美国红帽(Red Hat)公司的一套开源、基于J2EE的中间件平台,它主要用于构建、部署和托管Java应用程序与服务。WildFly是一款基于JavaEE的开源应用服务器。
Redhat JBoss Enterprise Application Platform存在信息披露漏洞。攻击者可以利用该漏洞获取到敏感信息,有助于进一步的攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可联系供应商获得补丁信息: http://www.jboss.com/downloads/
Reference
http://www.securityfocus.com/bid/94222
Impacted products
| Name | Red Hat JBoss Enterprise Application Platform |
|---|
{
"bids": {
"bid": {
"bidNumber": "94222"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2016-7061"
}
},
"description": "Red Hat JBoss Enterprise Application Platform\uff08EAP\uff09\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u3001\u57fa\u4e8eJ2EE\u7684\u4e2d\u95f4\u4ef6\u5e73\u53f0\uff0c\u5b83\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u3001\u90e8\u7f72\u548c\u6258\u7ba1Java\u5e94\u7528\u7a0b\u5e8f\u4e0e\u670d\u52a1\u3002WildFly\u662f\u4e00\u6b3e\u57fa\u4e8eJavaEE\u7684\u5f00\u6e90\u5e94\u7528\u670d\u52a1\u5668\u3002\r\n\r\nRedhat JBoss Enterprise Application Platform\u5b58\u5728\u4fe1\u606f\u62ab\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u5230\u654f\u611f\u4fe1\u606f,\u6709\u52a9\u4e8e\u8fdb\u4e00\u6b65\u7684\u653b\u51fb\u3002",
"discovererName": "Red Hat",
"formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.jboss.com/downloads/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-11247",
"openTime": "2016-11-18",
"patchDescription": "Red Hat JBoss Enterprise Application Platform\uff08EAP\uff09\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u3001\u57fa\u4e8eJ2EE\u7684\u4e2d\u95f4\u4ef6\u5e73\u53f0\uff0c\u5b83\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u3001\u90e8\u7f72\u548c\u6258\u7ba1Java\u5e94\u7528\u7a0b\u5e8f\u4e0e\u670d\u52a1\u3002WildFly\u662f\u4e00\u6b3e\u57fa\u4e8eJavaEE\u7684\u5f00\u6e90\u5e94\u7528\u670d\u52a1\u5668\u3002\r\n\r\nRedhat JBoss Enterprise Application Platform\u5b58\u5728\u4fe1\u606f\u62ab\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u5230\u654f\u611f\u4fe1\u606f,\u6709\u52a9\u4e8e\u8fdb\u4e00\u6b65\u7684\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Redhat JBoss Enterprise Application Platform\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Red Hat JBoss Enterprise Application Platform"
},
"referenceLink": "http://www.securityfocus.com/bid/94222",
"serverity": "\u4f4e",
"submitTime": "2016-11-14",
"title": "Redhat JBoss Enterprise Application Platform\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
FKIE_CVE-2016-7061
Vulnerability from fkie_nvd - Published: 2018-09-10 16:29 - Updated: 2024-11-21 02:57
Severity ?
3.5 (Low) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | jboss_enterprise_application_platform | * | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "447E81F4-FF99-4844-A2CB-8F7EE76826CA",
"versionEndExcluding": "7.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en JBoss Enterprise Application Platform en versiones anteriores a la 7.0.4. Se ha descubierto que, al configurar RBAC y marcar informaci\u00f3n como sensible, los usuarios con rol Monitor pueden visualizar dicha informaci\u00f3n sensible"
}
],
"id": "CVE-2016-7061",
"lastModified": "2024-11-21T02:57:22.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-10T16:29:00.667",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0170.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0171.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0172.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0173.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94222"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0170.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0171.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0173.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-35GG-HFJV-3G6C
Vulnerability from github – Published: 2022-05-13 01:38 – Updated: 2022-05-13 01:38
VLAI?
Details
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
Severity ?
6.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2016-7061"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-10T16:29:00Z",
"severity": "MODERATE"
},
"details": "An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.",
"id": "GHSA-35gg-hfjv-3g6c",
"modified": "2022-05-13T01:38:41Z",
"published": "2022-05-13T01:38:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0170.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0171.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0172.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0173.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94222"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2016-7061
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-7061",
"description": "An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.",
"id": "GSD-2016-7061",
"references": [
"https://access.redhat.com/errata/RHSA-2017:3458",
"https://access.redhat.com/errata/RHSA-2017:3456",
"https://access.redhat.com/errata/RHSA-2017:3455",
"https://access.redhat.com/errata/RHSA-2017:3454",
"https://access.redhat.com/errata/RHSA-2017:0250",
"https://access.redhat.com/errata/RHSA-2017:0247",
"https://access.redhat.com/errata/RHSA-2017:0246",
"https://access.redhat.com/errata/RHSA-2017:0245",
"https://access.redhat.com/errata/RHSA-2017:0244",
"https://access.redhat.com/errata/RHSA-2017:0173",
"https://access.redhat.com/errata/RHSA-2017:0172",
"https://access.redhat.com/errata/RHSA-2017:0171",
"https://access.redhat.com/errata/RHSA-2017:0170"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-7061"
],
"details": "An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.",
"id": "GSD-2016-7061",
"modified": "2023-12-13T01:21:20.968142Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-7061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EAP",
"version": {
"version_data": [
{
"version_value": "7.0.4"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
[
{
"vectorString": "4.0/AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0250",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"
},
{
"name": "RHSA-2017:0171",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0171.html"
},
{
"name": "RHSA-2017:3458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "RHSA-2017:0244",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"
},
{
"name": "RHSA-2017:0172",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0172.html"
},
{
"name": "RHSA-2017:0246",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"
},
{
"name": "RHSA-2017:3455",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "RHSA-2017:3456",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061"
},
{
"name": "94222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94222"
},
{
"name": "RHSA-2017:3454",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "RHSA-2017:0170",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0170.html"
},
{
"name": "RHSA-2017:0245",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"
},
{
"name": "RHSA-2017:0247",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"
},
{
"name": "RHSA-2017:0173",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0173.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-7061"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061"
},
{
"name": "RHSA-2017:3458",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3458"
},
{
"name": "RHSA-2017:3456",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"name": "RHSA-2017:3455",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3455"
},
{
"name": "RHSA-2017:3454",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3454"
},
{
"name": "94222",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94222"
},
{
"name": "RHSA-2017:0250",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"
},
{
"name": "RHSA-2017:0247",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"
},
{
"name": "RHSA-2017:0246",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"
},
{
"name": "RHSA-2017:0245",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"
},
{
"name": "RHSA-2017:0244",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"
},
{
"name": "RHSA-2017:0173",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0173.html"
},
{
"name": "RHSA-2017:0172",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0172.html"
},
{
"name": "RHSA-2017:0171",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0171.html"
},
{
"name": "RHSA-2017:0170",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0170.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-09T23:19Z",
"publishedDate": "2018-09-10T16:29Z"
}
}
}
RHSA-2017:0170
Vulnerability from csaf_redhat - Published: 2017-01-18 21:52 - Updated: 2026-03-18 01:43Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.4 on RHEL 6
Severity
Moderate
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Red Hat JBoss Enterprise Application Platform 7.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.3, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section.
Security Fix(es):
* An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired. (CVE-2016-8627)
* It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. (CVE-2016-7061)
The CVE-2016-8627 issue was discovered by Darran Lofthouse and Brian Stansberry (Red Hat).
Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired.
4.3 (Medium)
Affected products
Fixed
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
15 references
Acknowledgments
Red Hat
Brian Stansberry
Darran Lofthouse
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat JBoss Enterprise Application Platform 7.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.3, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section.\n\nSecurity Fix(es):\n\n* An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user\u0027s browser to request the log files consuming enough resources that normal server functioning could be impaired. (CVE-2016-8627)\n\n* It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. (CVE-2016-7061)\n\nThe CVE-2016-8627 issue was discovered by Darran Lofthouse and Brian Stansberry (Red Hat).\n\nBefore applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0170",
"url": "https://access.redhat.com/errata/RHSA-2017:0170"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1380852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380852"
},
{
"category": "external",
"summary": "1388240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388240"
},
{
"category": "external",
"summary": "JBEAP-5960",
"url": "https://issues.redhat.com/browse/JBEAP-5960"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0170.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.4 on RHEL 6",
"tracking": {
"current_release_date": "2026-03-18T01:43:45+00:00",
"generator": {
"date": "2026-03-18T01:43:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2017:0170",
"initial_release_date": "2017-01-18T21:52:07+00:00",
"revision_history": [
{
"date": "2017-01-18T21:52:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-01-20T15:58:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T01:43:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@2.1.7-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@8.1.6-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-transaction-spi@7.3.0-2.SP1_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.8.28-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-aesh@0.66.12-1.redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src",
"product_id": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xml-security@2.0.7-2.redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.1-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@1.0.8-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"product_id": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j@2.1.7-2.redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"product_id": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.8-3.redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"product": {
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"product_id": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"product_id": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.4-2.GA_redhat_3.1.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"product": {
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"product_id": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.4-4.GA_redhat_2.1.ep7.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@2.1.7-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@8.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@8.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@8.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@8.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@8.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@8.1.6-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-transaction-spi@7.3.0-2.SP1_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.8.28-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-4.SP4_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.3.5-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-aesh@0.66.12-1.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xml-security@2.0.7-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.1-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@1.0.8-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-async-http-servlet-3.0@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.19-2.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-policy@2.1.7-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-dom@2.1.7-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-policy-stax@2.1.7-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-bindings@2.1.7-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-stax@2.1.7-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-common@2.1.7-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j@2.1.7-2.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.1.8-3.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.8-3.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.1.8-3.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.1.8-3.redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.2.21-1.Final_redhat_1.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.4-2.GA_redhat_3.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.0.4-4.GA_redhat_2.1.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"product": {
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"product_id": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.4-4.GA_redhat_2.1.ep7.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src"
},
"product_reference": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch"
},
"product_reference": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src"
},
"product_reference": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7061",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1380852"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Sensitive data can be exposed at the server level in domain mode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-7061"
},
{
"category": "external",
"summary": "RHBZ#1380852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380852"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-7061",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7061"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061"
}
],
"release_date": "2016-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-18T21:52:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0170"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "EAP: Sensitive data can be exposed at the server level in domain mode"
},
{
"acknowledgments": [
{
"names": [
"Brian Stansberry",
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-8627",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1388240"
}
],
"notes": [
{
"category": "description",
"text": "An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user\u0027s browser to request the log files consuming enough resources that normal server functioning could be impaired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8627"
},
{
"category": "external",
"summary": "RHBZ#1388240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8627"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8627",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8627"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-18T21:52:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0170"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files"
}
]
}
RHSA-2017:0171
Vulnerability from csaf_redhat - Published: 2017-01-18 21:50 - Updated: 2026-03-18 01:43Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.4 for RHEL 7
Severity
Moderate
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Red Hat JBoss Enterprise Application Platform 7.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.3, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section.
Security Fix(es):
* An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired. (CVE-2016-8627)
* It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. (CVE-2016-7061)
The CVE-2016-8627 issue was discovered by Darran Lofthouse and Brian Stansberry (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired.
4.3 (Medium)
Affected products
Fixed
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
15 references
Acknowledgments
Red Hat
Brian Stansberry
Darran Lofthouse
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat JBoss Enterprise Application Platform 7.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.3, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section.\n\nSecurity Fix(es):\n\n* An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user\u0027s browser to request the log files consuming enough resources that normal server functioning could be impaired. (CVE-2016-8627)\n\n* It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. (CVE-2016-7061)\n\nThe CVE-2016-8627 issue was discovered by Darran Lofthouse and Brian Stansberry (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0171",
"url": "https://access.redhat.com/errata/RHSA-2017:0171"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1380852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380852"
},
{
"category": "external",
"summary": "1388240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388240"
},
{
"category": "external",
"summary": "JBEAP-5961",
"url": "https://issues.redhat.com/browse/JBEAP-5961"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0171.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.4 for RHEL 7",
"tracking": {
"current_release_date": "2026-03-18T01:43:45+00:00",
"generator": {
"date": "2026-03-18T01:43:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2017:0171",
"initial_release_date": "2017-01-18T21:50:50+00:00",
"revision_history": [
{
"date": "2017-01-18T21:50:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-01-20T15:58:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T01:43:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@2.1.7-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@8.1.6-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-transaction-spi@7.3.0-2.SP1_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.8.28-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-aesh@0.66.12-1.redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src",
"product_id": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xml-security@2.0.7-2.redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@1.0.8-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.1-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"product_id": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j@2.1.7-2.redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"product_id": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.8-3.redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"product": {
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"product_id": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"product_id": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.4-2.GA_redhat_3.1.ep7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"product": {
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"product_id": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.4-4.GA_redhat_2.1.ep7.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@2.1.7-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@8.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@8.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@8.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@8.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@8.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@8.1.6-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-transaction-spi@7.3.0-2.SP1_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.8.28-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-4.SP4_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.3.5-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-aesh@0.66.12-1.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xml-security@2.0.7-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@1.0.8-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.1-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-async-http-servlet-3.0@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.19-2.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-dom@2.1.7-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-policy@2.1.7-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-policy-stax@2.1.7-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-bindings@2.1.7-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-common@2.1.7-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-stax@2.1.7-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wss4j@2.1.7-2.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.1.8-3.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.8-3.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.1.8-3.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.1.8-3.redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.2.21-1.Final_redhat_1.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.4-2.GA_redhat_3.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.0.4-4.GA_redhat_2.1.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"product": {
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"product_id": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.0.4-4.GA_redhat_2.1.ep7.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src"
},
"product_reference": "eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src"
},
"product_reference": "eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch"
},
"product_reference": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src"
},
"product_reference": "eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7061",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1380852"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Sensitive data can be exposed at the server level in domain mode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-7061"
},
{
"category": "external",
"summary": "RHBZ#1380852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380852"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-7061",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7061"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061"
}
],
"release_date": "2016-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-18T21:50:50+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0171"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "EAP: Sensitive data can be exposed at the server level in domain mode"
},
{
"acknowledgments": [
{
"names": [
"Brian Stansberry",
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-8627",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1388240"
}
],
"notes": [
{
"category": "description",
"text": "An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user\u0027s browser to request the log files consuming enough resources that normal server functioning could be impaired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8627"
},
{
"category": "external",
"summary": "RHBZ#1388240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8627"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8627",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8627"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-18T21:50:50+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0171"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-0:3.1.8-3.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-apache-cxf-rt-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-services-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-apache-cxf-tools-0:3.1.8-3.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-0:8.1.6-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-jdbc-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-cachestore-remote-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-client-hotrod-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-commons-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-infinispan-core-0:8.1.6-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.5-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.5-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-aesh-0:0.66.12-1.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ejb-client-0:2.1.7-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-genericjms-0:1.0.8-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-transaction-spi-0:7.3.0-2.SP1_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.1-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-0:5.2.21-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-narayana-compensations-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbosstxbridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jbossxts-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-idlj-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-jts-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-api-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-bridge-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-integration-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-restat-util-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-narayana-txframework-0:5.2.21-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-bindings-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-common-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-config-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-federation-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-picketlink-idm-api-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-idm-simple-schema-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-impl-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-picketlink-wildfly8-0:2.5.5-4.SP4_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-2.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-2.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-0:7.0.4-4.GA_redhat_2.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.4-2.GA_redhat_3.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.4-4.GA_redhat_2.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wildfly-web-console-eap-0:2.8.28-1.Final_redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-0:2.1.7-2.redhat_1.1.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-wss4j-bindings-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-policy-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-common-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-dom-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-policy-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-wss4j-ws-security-stax-0:2.1.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-xml-security-0:2.0.7-2.redhat_1.1.ep7.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files"
}
]
}
RHSA-2017:0172
Vulnerability from csaf_redhat - Published: 2017-01-18 20:40 - Updated: 2025-11-21 17:59Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.4
Severity
Moderate
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is an application server that serves as a middleware platform and is built on open standards and compliant with the Java EE 7 specification.
This release of Red Hat JBoss Enterprise Application Platform 7.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.3, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section.
Security Fix(es):
* An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired. (CVE-2016-8627)
* It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. (CVE-2016-7061)
The CVE-2016-8627 issue was discovered by Darran Lofthouse and Brian Stansberry (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss EAP 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
15 references
Acknowledgments
Red Hat
Brian Stansberry
Darran Lofthouse
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is an application server that serves as a middleware platform and is built on open standards and compliant with the Java EE 7 specification.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.3, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section.\n\nSecurity Fix(es):\n\n* An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user\u0027s browser to request the log files consuming enough resources that normal server functioning could be impaired. (CVE-2016-8627)\n\n* It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. (CVE-2016-7061)\n\nThe CVE-2016-8627 issue was discovered by Darran Lofthouse and Brian Stansberry (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0172",
"url": "https://access.redhat.com/errata/RHSA-2017:0172"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1380852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380852"
},
{
"category": "external",
"summary": "1388240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388240"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0172.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.4",
"tracking": {
"current_release_date": "2025-11-21T17:59:13+00:00",
"generator": {
"date": "2025-11-21T17:59:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:0172",
"initial_release_date": "2017-01-18T20:40:13+00:00",
"revision_history": [
{
"date": "2017-01-18T20:40:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-01-18T20:40:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:59:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7",
"product": {
"name": "Red Hat JBoss EAP 7",
"product_id": "Red Hat JBoss EAP 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7061",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1380852"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Sensitive data can be exposed at the server level in domain mode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-7061"
},
{
"category": "external",
"summary": "RHBZ#1380852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380852"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-7061",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7061"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061"
}
],
"release_date": "2016-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-18T20:40:13+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0172"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "EAP: Sensitive data can be exposed at the server level in domain mode"
},
{
"acknowledgments": [
{
"names": [
"Brian Stansberry",
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-8627",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1388240"
}
],
"notes": [
{
"category": "description",
"text": "An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user\u0027s browser to request the log files consuming enough resources that normal server functioning could be impaired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8627"
},
{
"category": "external",
"summary": "RHBZ#1388240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8627"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8627",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8627"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-18T20:40:13+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0172"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files"
}
]
}
RHSA-2017:0173
Vulnerability from csaf_redhat - Published: 2017-01-18 22:12 - Updated: 2026-03-18 01:43Summary
Red Hat Security Advisory: eap7-jboss-ec2-eap security update
Severity
Moderate
Notes
Topic: An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The eap7-jboss-ec2-eap package provides scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.4.
Refer to the JBoss Enterprise Application Platform 7.0.4 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired. (CVE-2016-8627)
* It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. (CVE-2016-7061)
The CVE-2016-8627 issue was discovered by Darran Lofthouse and Brian Stansberry (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired.
4.3 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
15 references
Acknowledgments
Red Hat
Brian Stansberry
Darran Lofthouse
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The eap7-jboss-ec2-eap package provides scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.4.\n\nRefer to the JBoss Enterprise Application Platform 7.0.4 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user\u0027s browser to request the log files consuming enough resources that normal server functioning could be impaired. (CVE-2016-8627)\n\n* It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. (CVE-2016-7061)\n\nThe CVE-2016-8627 issue was discovered by Darran Lofthouse and Brian Stansberry (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0173",
"url": "https://access.redhat.com/errata/RHSA-2017:0173"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "1380852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380852"
},
{
"category": "external",
"summary": "1388240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388240"
},
{
"category": "external",
"summary": "JBEAP-5962",
"url": "https://issues.redhat.com/browse/JBEAP-5962"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0173.json"
}
],
"title": "Red Hat Security Advisory: eap7-jboss-ec2-eap security update",
"tracking": {
"current_release_date": "2026-03-18T01:43:47+00:00",
"generator": {
"date": "2026-03-18T01:43:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2017:0173",
"initial_release_date": "2017-01-18T22:12:14+00:00",
"revision_history": [
{
"date": "2017-01-18T22:12:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-01-20T16:06:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T01:43:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"product_id": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.4-5.GA_redhat_2.ep7.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"product_id": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.4-5.GA_redhat_2.ep7.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"product_id": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.4-5.GA_redhat_2.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"product_id": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.0.4-5.GA_redhat_2.ep7.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"product_id": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.4-5.GA_redhat_2.ep7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"product": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"product_id": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.0.4-5.GA_redhat_2.ep7.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src"
},
"product_reference": "eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"relates_to_product_reference": "7Server-JBEAP-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch"
},
"product_reference": "eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7061",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1380852"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Sensitive data can be exposed at the server level in domain mode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-7061"
},
{
"category": "external",
"summary": "RHBZ#1380852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380852"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-7061",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7061"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7061"
}
],
"release_date": "2016-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-18T22:12:14+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0173"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "EAP: Sensitive data can be exposed at the server level in domain mode"
},
{
"acknowledgments": [
{
"names": [
"Brian Stansberry",
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-8627",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1388240"
}
],
"notes": [
{
"category": "description",
"text": "An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user\u0027s browser to request the log files consuming enough resources that normal server functioning could be impaired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8627"
},
{
"category": "external",
"summary": "RHBZ#1388240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8627"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8627",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8627"
}
],
"release_date": "2017-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-18T22:12:14+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0173"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el6.src",
"6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el6.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.4-5.GA_redhat_2.ep7.el7.src",
"7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.4-5.GA_redhat_2.ep7.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…