Language:
http://www.nessus.org/u?2655404d
http://www.nessus.org/u?34e23b20
http://www.nessus.org/u?39676da8
https://access.redhat.com/errata/RHSA-2020:3463
https://bugzilla.redhat.com/show_bug.cgi?id=1666499
https://bugzilla.redhat.com/show_bug.cgi?id=1694235
https://bugzilla.redhat.com/show_bug.cgi?id=1785049
https://bugzilla.redhat.com/show_bug.cgi?id=1793970
https://bugzilla.redhat.com/show_bug.cgi?id=1805501
https://bugzilla.redhat.com/show_bug.cgi?id=1807707
https://bugzilla.redhat.com/show_bug.cgi?id=1815470
https://bugzilla.redhat.com/show_bug.cgi?id=1815495
https://bugzilla.redhat.com/show_bug.cgi?id=1825714
https://bugzilla.redhat.com/show_bug.cgi?id=1828476
https://bugzilla.redhat.com/show_bug.cgi?id=1834512
https://bugzilla.redhat.com/show_bug.cgi?id=1853595
https://issues.redhat.com/browse/JBEAP-19095
https://issues.redhat.com/browse/JBEAP-19134
https://issues.redhat.com/browse/JBEAP-19185
https://issues.redhat.com/browse/JBEAP-19203
https://issues.redhat.com/browse/JBEAP-19269
https://issues.redhat.com/browse/JBEAP-19322
https://issues.redhat.com/browse/JBEAP-19325
https://issues.redhat.com/browse/JBEAP-19397
https://issues.redhat.com/browse/JBEAP-19410
https://issues.redhat.com/browse/JBEAP-19411
https://issues.redhat.com/browse/JBEAP-19529
https://issues.redhat.com/browse/JBEAP-19564
https://issues.redhat.com/browse/JBEAP-19585
https://issues.redhat.com/browse/JBEAP-19617
https://issues.redhat.com/browse/JBEAP-19619
https://issues.redhat.com/browse/JBEAP-19673
https://issues.redhat.com/browse/JBEAP-19674
https://issues.redhat.com/browse/JBEAP-19874
https://access.redhat.com/security/updates/classification/#important
Severity: Critical
ID: 139619
File Name: redhat-RHSA-2020-3463.nasl
Version: 1.12
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 8/17/2020
Updated: 11/7/2024
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Medium
Score: 6.7
Vendor Severity: Important
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-10683
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jsf-api_2.3_spec, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-common, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly16.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-genericjms, p-cpe:/a:redhat:enterprise_linux:eap7-netty, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-providers, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly17.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-netty-all, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly18.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly15.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server, p-cpe:/a:redhat:enterprise_linux:eap7-undertow, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0, p-cpe:/a:redhat:enterprise_linux:eap7-dom4j, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base, p-cpe:/a:redhat:enterprise_linux:eap7-hal-console, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool, p-cpe:/a:redhat:enterprise_linux:eap7-undertow-server, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core, p-cpe:/a:redhat:enterprise_linux:eap7-elytron-web, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 8/17/2020
Vulnerability Publication Date: 3/18/2020
CVE: CVE-2019-14900, CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-11612, CVE-2020-14297, CVE-2020-14307, CVE-2020-1710, CVE-2020-1748