Language:
http://www.nessus.org/u?40e3f21d
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/errata/RHSA-2022:0970
https://bugzilla.redhat.com/show_bug.cgi?id=2015311
https://bugzilla.redhat.com/show_bug.cgi?id=2015648
https://bugzilla.redhat.com/show_bug.cgi?id=2041417
https://bugzilla.redhat.com/show_bug.cgi?id=2041427
https://bugzilla.redhat.com/show_bug.cgi?id=2041491
https://bugzilla.redhat.com/show_bug.cgi?id=2041785
https://bugzilla.redhat.com/show_bug.cgi?id=2041801
Severity: Medium
ID: 159108
File Name: redhat-RHSA-2022-0970.nasl
Version: 1.12
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 3/21/2022
Updated: 11/7/2024
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Medium
Score: 4.4
Vendor Severity: Moderate
Risk Factor: High
Base Score: 7.1
Temporal Score: 5.6
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:N/A:N
CVSS Score Source: CVE-2021-35550
Risk Factor: Medium
Base Score: 5.9
Temporal Score: 5.3
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CPE: p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-headless, p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-webstart, p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-plugin, p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-demo, p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm, p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-jdbc, p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-src, p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-devel, cpe:/o:redhat:enterprise_linux:8
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/21/2022
Vulnerability Publication Date: 10/19/2021
CVE: CVE-2021-35550, CVE-2021-35603, CVE-2022-21248, CVE-2022-21293, CVE-2022-21294, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365