All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0799 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.7 on RHEL 8 serves as a replacement for Red Hat Single Sign-On     7.6.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):
    * redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts     (CVE-2023-6291)
    * guava: insecure temporary directory creation (CVE-2023-2976)
    * jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()     (CVE-2023-26048)
    * jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
    * reflected XSS via wildcard in OIDC redirect_uri (CVE-2023-6134)
    * open redirect via form_post.jwt JARM response mode (CVE-2023-6927)
    * santuario: Private Key disclosure in debug-log output (CVE-2023-44483)
    * Log Injection during WebAuthn authentication or registration (CVE-2023-6484)3-44483)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0798 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.7 on RHEL 7 serves as a replacement for Red Hat Single Sign-On     7.6.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):
    * redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts     (CVE-2023-6291)
    * guava: insecure temporary directory creation (CVE-2023-2976)
    * jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()     (CVE-2023-26048)
    * jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
    * reflected XSS via wildcard in OIDC redirect_uri (CVE-2023-6134)
    * open redirect via form_post.jwt JARM response mode (CVE-2023-6927)
    * santuario: Private Key disclosure in debug-log output (CVE-2023-44483)
    * Log Injection during WebAuthn authentication or registration (CVE-2023-6484)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0800 advisory.

    Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides     authentication and standards-based single sign-on capabilities for web and mobile applications.

    This release of Red Hat Single Sign-On 7.6.7 on RHEL 9 serves as a replacement for Red Hat Single Sign-On     7.6.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked     to in the References.

    Security Fix(es):
    * redirect_uri validation logic that allows for a bypass of otherwise explicitly allowed hosts     (CVE-2023-6291)
    * guava: insecure temporary directory creation (CVE-2023-2976)
    * jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()     (CVE-2023-26048)
    * jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
    * reflected XSS via wildcard in OIDC redirect_uri (CVE-2023-6134)
    * open redirect via form_post.jwt JARM response mode (CVE-2023-6927)
    * santuario: Private Key disclosure in debug-log output (CVE-2023-44483)
    * Log Injection during WebAuthn authentication or registration (CVE-2023-6484)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0711 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime.

    This release of Red Hat JBoss Enterprise Application Platform 7.4.15 serves as a replacement for Red Hat     JBoss Enterprise Application Platform 7.4.14, and includes bug fixes and enhancements. See the Red Hat     JBoss Enterprise Application Platform 7.4.15 Release Notes for information about the most significant bug     fixes and enhancements included in this release.

    Security Fix(es):

    * jgit: arbitrary file overwrite (CVE-2023-4759)

    * santuario: Private Key disclosure in debug-log output (CVE-2023-44483)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0712 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime.

    This release of Red Hat JBoss Enterprise Application Platform 7.4.15 serves as a replacement for Red Hat     JBoss Enterprise Application Platform 7.4.14, and includes bug fixes and enhancements. See the Red Hat     JBoss Enterprise Application Platform 7.4.15 Release Notes for information about the most significant bug     fixes and enhancements included in this release.

    Security Fix(es):

    * santuario: Private Key disclosure in debug-log output (CVE-2023-44483)

    * jgit: arbitrary file overwrite (CVE-2023-4759)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0710 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.15 serves as a     replacement for Red Hat JBoss Enterprise Application Platform 7.4.14, and includes bug fixes and     enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.15 Release Notes for information     about the most significant bug fixes and enhancements included in this release.

    Security Fix(es):

    * santuario: Private Key disclosure in debug-log output [eap-7.4.z] (CVE-2023-44483)

    * jgit: arbitrary file overwrite [eap-7.4.z] (CVE-2023-4759)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the January 2024 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities, including:

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty     Jars (NekoHTML)). Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to     compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the     attacker. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
    (CVE-2023-49093)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Easily     exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle     WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional     products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or     modification access to critical data or all Oracle WebLogic Server accessible data. (CVE-2024-20927)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Easily     exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle     WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or     complete access to all Oracle WebLogic Server accessible data. (CVE-2024-20931)

  Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the January 2024 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities:

  - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework     (Bouncy Castle Java Library)). Easily exploitable vulnerability allows unauthenticated attacker with network access     via LDAP to compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized     read access to a subset of Oracle WebCenter Portal accessible data. (CVE-2023-33201)

  - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework     (Apache Solr)). Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to     compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete DOS) of Oracle WebCenter Portal. (CVE-2021-33813)

  - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework     (Apache Commons Compress)). Easily exploitable vulnerability allows unauthenticated attacker with logon to the     infrastructure where Oracle WebCenter Portal executes to compromise Oracle WebCenter Portal. Successful attacks     require human interaction from a person other than the attacker. Successful attacks of this vulnerability can     result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebCenter     Portal. (CVE-2023-42503)

Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
190501	RHEL 8 : Red Hat Single Sign-On 7.6.7 security update on RHEL 8 (Important) (RHSA-2024:0799)	Nessus	Red Hat Local Security Checks	high
190499	RHEL 7 : Red Hat Single Sign-On 7.6.7 security update on RHEL 7 (Important) (RHSA-2024:0798)	Nessus	Red Hat Local Security Checks	high
190496	RHEL 9 : Red Hat Single Sign-On 7.6.7 security update on RHEL 9 (Important) (RHSA-2024:0800)	Nessus	Red Hat Local Security Checks	high
190092	RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.15 Security update (Moderate) (RHSA-2024:0711)	Nessus	Red Hat Local Security Checks	high
190091	RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.15 (RHSA-2024:0712)	Nessus	Red Hat Local Security Checks	high
190090	RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.15 Security update (Moderate) (RHSA-2024:0710)	Nessus	Red Hat Local Security Checks	high
189176	Oracle WebLogic Server (January 2024 CPU)	Nessus	Misc.	critical
189118	Oracle WebCenter Portal Multiple Vulnerabilities (January 2024 CPU)	Nessus	Misc.	medium

Detections

Analytics

CVE-2023-44483

medium

Tenable Plugins

high

high

high

high

high

high

critical

medium