Language:
https://access.redhat.com/documentation/en-us/
https://access.redhat.com/errata/RHSA-2017:1410
https://access.redhat.com/security/cve/cve-2016-9606
https://access.redhat.com/security/cve/cve-2017-2595
Severity: High
ID: 112258
File Name: redhat-RHSA-2017-1410.nasl
Version: 1.7
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 9/4/2018
Updated: 8/12/2024
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Medium
Score: 5.9
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2016-9606
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-api, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-federation, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt, p-cpe:/a:redhat:enterprise_linux:eap7-undertow, p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-simple-schema, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-common, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-web, p-cpe:/a:redhat:enterprise_linux:eap7-jbossws-cxf, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-common, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-javamail, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server, p-cpe:/a:redhat:enterprise_linux:eap7-jbossws-common, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-impl, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-rt, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-infinispan, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-security-negotiation, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-dom, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-bindings, p-cpe:/a:redhat:enterprise_linux:eap7-jbossws-common-tools, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-policy, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-services, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-impl, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-idm-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-config, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan, p-cpe:/a:redhat:enterprise_linux:eap7-commons-logging-jboss-logmanager, p-cpe:/a:redhat:enterprise_linux:eap7-jbossws-spi, cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ejb, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions, p-cpe:/a:redhat:enterprise_linux:eap7-picketbox, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-stax, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-tools, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-el-api_3.0_spec, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-ear, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-metadata-appclient, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-policy-stax, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-async-http-servlet-3.0, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-common, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logging, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-native, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 6/7/2017
Vulnerability Publication Date: 3/9/2018
CVE: CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
RHSA: 2017:1410