Language:
http://www.nessus.org/u?5ad39889
http://www.nessus.org/u?8998cec3
http://www.nessus.org/u?fdc49160
https://access.redhat.com/security/updates/classification/#important
https://issues.redhat.com/browse/JBEAP-18071
https://issues.redhat.com/browse/JBEAP-18267
https://issues.redhat.com/browse/JBEAP-18278
https://issues.redhat.com/browse/JBEAP-18423
https://issues.redhat.com/browse/JBEAP-18438
https://issues.redhat.com/browse/JBEAP-18503
https://issues.redhat.com/browse/JBEAP-18506
https://access.redhat.com/errata/RHSA-2020:2060
https://bugzilla.redhat.com/show_bug.cgi?id=1715075
https://bugzilla.redhat.com/show_bug.cgi?id=1752770
https://bugzilla.redhat.com/show_bug.cgi?id=1796617
https://bugzilla.redhat.com/show_bug.cgi?id=1797006
https://bugzilla.redhat.com/show_bug.cgi?id=1797011
https://bugzilla.redhat.com/show_bug.cgi?id=1801380
https://bugzilla.redhat.com/show_bug.cgi?id=1801726
https://bugzilla.redhat.com/show_bug.cgi?id=1802444
https://bugzilla.redhat.com/show_bug.cgi?id=1803241
https://bugzilla.redhat.com/show_bug.cgi?id=1807305
https://bugzilla.redhat.com/show_bug.cgi?id=1828459
https://issues.redhat.com/browse/JBEAP-18536
https://issues.redhat.com/browse/JBEAP-18595
https://issues.redhat.com/browse/JBEAP-18616
https://issues.redhat.com/browse/JBEAP-18628
https://issues.redhat.com/browse/JBEAP-18631
https://issues.redhat.com/browse/JBEAP-18639
https://issues.redhat.com/browse/JBEAP-18646
https://issues.redhat.com/browse/JBEAP-18652
https://issues.redhat.com/browse/JBEAP-18664
https://issues.redhat.com/browse/JBEAP-18724
https://issues.redhat.com/browse/JBEAP-18729
https://issues.redhat.com/browse/JBEAP-18787
https://issues.redhat.com/browse/JBEAP-18789
https://issues.redhat.com/browse/JBEAP-18817
https://issues.redhat.com/browse/JBEAP-18827
https://issues.redhat.com/browse/JBEAP-18835
https://issues.redhat.com/browse/JBEAP-18885
https://issues.redhat.com/browse/JBEAP-18887
https://issues.redhat.com/browse/JBEAP-18931
https://issues.redhat.com/browse/JBEAP-18988
https://issues.redhat.com/browse/JBEAP-18989
Severity: Critical
ID: 136495
File Name: redhat-RHSA-2020-2060.nasl
Version: 1.13
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 5/12/2020
Updated: 11/7/2024
Supported Sensors: Agentless Assessment, continuous_assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Medium
Score: 6.7
Vendor Severity: Important
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-1745
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CPE: p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xmlsec-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jsf-api_2.3_spec, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-security-api, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-api, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-security-impl, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools, p-cpe:/a:redhat:enterprise_linux:eap7-jgroups, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-bridge, p-cpe:/a:redhat:enterprise_linux:eap7-picketbox, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-idlj, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-search, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-invocation, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-stax, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xacml-impl, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli, p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-azure, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-tools, p-cpe:/a:redhat:enterprise_linux:eap7-smallrye-config, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-soap-api, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-jaxrs, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-search-orm, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto, p-cpe:/a:redhat:enterprise_linux:eap7-httpcomponents-core, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-el-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jaxbintros, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-websocket-api_1.1_spec, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-core-asl, p-cpe:/a:redhat:enterprise_linux:eap7-weld-cdi-2.0-api, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider, p-cpe:/a:redhat:enterprise_linux:eap7-cryptacular, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-util, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-xc, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xmlsec-api, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-policy-stax, p-cpe:/a:redhat:enterprise_linux:eap7-jasypt, p-cpe:/a:redhat:enterprise_linux:eap7-javaee-security-soteria-enterprise, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0, p-cpe:/a:redhat:enterprise_linux:eap7-jgroups-kubernetes, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-classfilewriter, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-core, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jts-integration, p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-batch-api_1.0_spec, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-txframework, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-profile-api, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-saml-impl, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-saml-api, p-cpe:/a:redhat:enterprise_linux:eap7-mod_cluster, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-restat-integration, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting-jmx, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle, p-cpe:/a:redhat:enterprise_linux:eap7-ws-commons-xmlschema, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-commons-annotations, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt, p-cpe:/a:redhat:enterprise_linux:eap7-undertow, p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-search-backend-jgroups, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xacml-saml-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-compensations, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-common, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-javamail, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-search-engine, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server, p-cpe:/a:redhat:enterprise_linux:eap7-jbossws-common, p-cpe:/a:redhat:enterprise_linux:eap7-hal-console, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xacml-api, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-rt, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-api_3.2_spec, p-cpe:/a:redhat:enterprise_linux:eap7-narayana, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-common-beans, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-naming-client, p-cpe:/a:redhat:enterprise_linux:eap7-httpcomponents-client, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-search-serialization-avro, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-policy, p-cpe:/a:redhat:enterprise_linux:eap7-smallrye-health, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-services, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xacml-saml-api, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbosstxbridge, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-security-negotiation, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-dom, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-openjdk-orb, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client, p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov, p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-threads, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-mapper-asl, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-bindings, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf, p-cpe:/a:redhat:enterprise_linux:eap7-narayana-jbossxts, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector, p-cpe:/a:redhat:enterprise_linux:eap7-slf4j-jboss-logmanager, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs, p-cpe:/a:redhat:enterprise_linux:eap7-javaee-security-soteria, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-search-backend-jms
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/11/2020
Vulnerability Publication Date: 11/18/2019
CVE: CVE-2019-10172, CVE-2019-12423, CVE-2019-17573, CVE-2020-10705, CVE-2020-10719, CVE-2020-1719, CVE-2020-1729, CVE-2020-1732, CVE-2020-1745, CVE-2020-1757, CVE-2020-7226