Language:
http://www.nessus.org/u?327e7d12
http://www.nessus.org/u?507a0e38
http://www.nessus.org/u?95a15247
https://access.redhat.com/errata/RHSA-2023:7639
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
https://bugzilla.redhat.com/show_bug.cgi?id=2184751
https://bugzilla.redhat.com/show_bug.cgi?id=2215229
https://bugzilla.redhat.com/show_bug.cgi?id=2236340
https://bugzilla.redhat.com/show_bug.cgi?id=2236341
https://bugzilla.redhat.com/show_bug.cgi?id=2240036
https://bugzilla.redhat.com/show_bug.cgi?id=2242521
https://bugzilla.redhat.com/show_bug.cgi?id=2242803
https://issues.redhat.com/browse/JBEAP-25004
https://issues.redhat.com/browse/JBEAP-25085
https://issues.redhat.com/browse/JBEAP-25086
https://issues.redhat.com/browse/JBEAP-25378
https://issues.redhat.com/browse/JBEAP-25380
https://issues.redhat.com/browse/JBEAP-25419
https://issues.redhat.com/browse/JBEAP-25451
https://issues.redhat.com/browse/JBEAP-25457
https://issues.redhat.com/browse/JBEAP-25541
https://issues.redhat.com/browse/JBEAP-25547
https://issues.redhat.com/browse/JBEAP-25576
https://issues.redhat.com/browse/JBEAP-25594
https://issues.redhat.com/browse/JBEAP-25627
https://issues.redhat.com/browse/JBEAP-25657
https://issues.redhat.com/browse/JBEAP-25685
https://issues.redhat.com/browse/JBEAP-25700
https://issues.redhat.com/browse/JBEAP-25716
https://issues.redhat.com/browse/JBEAP-25726
https://issues.redhat.com/browse/JBEAP-25772
https://issues.redhat.com/browse/JBEAP-25779
https://issues.redhat.com/browse/JBEAP-25803
Severity: Critical
ID: 186544
File Name: redhat-RHSA-2023-7639.nasl
Version: 1.8
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 12/4/2023
Updated: 11/7/2024
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Medium
Score: 6.7
Vendor Severity: Important
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
CVSS Score Source: CVE-2023-4503
Risk Factor: High
Base Score: 7.5
Temporal Score: 7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Risk Factor: Critical
Base Score: 9.3
Threat Score: 9.3
Threat Vector: CVSS:4.0/E:A
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score Source: CVE-2023-44487
CPE: p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jsp-api_2.3_spec, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk17, p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core, p-cpe:/a:redhat:enterprise_linux:eap7-avro, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8, p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol, cpe:/o:redhat:enterprise_linux:9, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools, p-cpe:/a:redhat:enterprise_linux:eap7-weld-web, p-cpe:/a:redhat:enterprise_linux:eap7-yasson, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client, p-cpe:/a:redhat:enterprise_linux:eap7-apache-sshd, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-component-annotations, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53, p-cpe:/a:redhat:enterprise_linux:eap7-jgroups, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli, p-cpe:/a:redhat:enterprise_linux:eap7-jandex, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling-river, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons, p-cpe:/a:redhat:enterprise_linux:eap7-undertow, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-guava, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis, p-cpe:/a:redhat:enterprise_linux:eap7-jbossws-cxf, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate, p-cpe:/a:redhat:enterprise_linux:eap7-hal-console, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-marshalling, p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core, p-cpe:/a:redhat:enterprise_linux:eap7-guava-libraries, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/4/2023
Vulnerability Publication Date: 4/18/2023
CISA Known Exploited Vulnerability Due Dates: 10/31/2023
CVE: CVE-2023-26048, CVE-2023-26049, CVE-2023-2976, CVE-2023-35887, CVE-2023-39410, CVE-2023-44487, CVE-2023-4503, CVE-2023-5685