The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3639 advisory.

    This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat     JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat     JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug     fixes and enhancements included in this release.

    Security Fix(es):

    * jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

    * jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)

    * jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)

    * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result     in remote command execution (CVE-2020-10672)

    * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result     in remote command execution (CVE-2020-10673)

    * jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)

    * undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)

    * wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in     HTTP requests (CVE-2020-10687)

    * jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of     CVE-2018-14371 (CVE-2020-6950)

    * resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class     (CVE-2020-1695)

    * wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)

    * dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)

    * wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain     (CVE-2020-1748)

    * hibernate-validator: Improper input validation in the interpolation of constraint error messages     (CVE-2020-10693)

    * hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)

    * wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)

     wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)

    * jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is     received causing Denial of Service (CVE-2020-14307)

    * jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service     (CVE-2020-14297)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, see the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2511 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime.

    This release of Red Hat JBoss Enterprise Application Platform 7.3.1 serves as a replacement for Red Hat     JBoss Enterprise Application Platform 7.3.0, and includes bug fixes and enhancements. See the Red Hat     JBoss Enterprise Application Platform 7.3.1 Release Notes for information about the most significant bug     fixes and enhancements included in this release.

    Security Fix(es):

    * cxf: reflected XSS in the services listing page (CVE-2019-17573)

    * cxf-core: cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)

    * jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * undertow: servletPath in normalized incorrectly leading to dangerous application mapping which could     result in security bypass (CVE-2020-1757)

    * jackson-databind: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class     (CVE-2020-1695)

    * cryptacular: excessive memory allocation during a decode operation (CVE-2020-7226)

    * smallrye-config: SmallRye: SecuritySupport class is incorrectly public and contains a static method to     access the current threads context class loader (CVE-2020-1729)

    * resteasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)

    * jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)

    * undertow: invalid HTTP request with large chunk size (CVE-2020-10719)

    * jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)

    * jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

    * jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)

    * undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)

    * libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)

    * libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)

    * wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider     is in use (CVE-2019-14887)

    * jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of     CVE-2018-14371 (CVE-2020-6950)

    * jsf-impl: mojarra: Path traversal in ResourceManager.java:getLocalePrefix() via the loc parameter     (CVE-2018-14371)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, see the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the April 2023 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities, including:

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console     (Apache Commons FileUpload)). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and     14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP     to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized     ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server.
    (CVE-2023-24998)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples     (XStream)). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable     vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic     Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of Oracle WebLogic Server. (CVE-2022-40152)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Third Party     (Apache Commons Compress)). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily     exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise     Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. (CVE-2021-36090)

  Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Payara Releases reports :

The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases :

- CVE-2020-6950 Eclipse Mojarra vulnerable to path trasversal flaw via either loc/con parameters

The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities:

  - An unspecified vulnerability in the Third Party Tools     (Bouncy Castle Java Library) component of Oracle WebLogic     Server. An unauthenticated attacker with network access     via HTTPS could exploit this vulnerability to compromise     Oracle WebLogic Server. A successful attack of this     vulnerability can result in unauthorized ability to cause     a hang or frequently repeatable crash (complete DOS) of     Oracle WebLogic Server. (CVE-2019-1735)

  - An unspecified vulnerability in the Console component of     Oracle WebLogic Server.  An unauthenticated attacker with     network access via HTTP could exploit this vulnerability     to compromise Oracle WebLogic Server. A successful attack     requires human interaction from a person other than the     attacker. A successful attacks of this vulnerability can     result in unauthorized ability to cause a partial denial     of service (partial DOS) of Oracle WebLogic Server.
    (CVE-2020-2519)   
  - An unspecified vulnerability in the Console component of     Oracle WebLogic Server.  An unauthenticated attacker with     network access via HTTP could exploit this vulnerability     to compromise Oracle WebLogic Server. A successful attack     requires human interaction from a person other than the     attacker. A successful attack of this vulnerability can     result in unauthorized update, insert or delete access     to some of Oracle WebLogic Server accessible data.
    (CVE-2020-2544)   
  - An unspecified vulnerability in the Application     Container - JavaEE component of Oracle WebLogic Server.
    An unauthenticated attacker with network access via T3     could exploit this vulnerability to compromise Oracle     WebLogic Server. A successful attack of this vulnerability     can result in takeover of Oracle WebLogic Server.
    (CVE-2020-2546)   
  - An unspecified vulnerability in the Console component of     Oracle WebLogic Server. A high privileged attacker with     network access via HTTP could exploit this vulnerability     to compromise Oracle WebLogic Server. A successful attack     requires human interaction from a person other than the     attacker and while the vulnerability is in Oracle WebLogic     Server, attacks may significantly impact additional     products. Successful attacks of this vulnerability can     result in unauthorized update, insert or delete access to     some of Oracle WebLogic Server accessible data as well as     unauthorized read access to a subset of Oracle WebLogic     Server accessible data. (CVE-2020-2547)   
  - An unspecified vulnerability in the WLS Core Components     of Oracle WebLogic Server. A high privileged attacker     with network access via HTTP could exploit this     vulnerability to compromise Oracle WebLogic Server.
    A successful attack requires human interaction from a     person other than the attacker and while the vulnerability     is in Oracle WebLogic Server, attacks may significantly     impact additional products. Successful attacks of this     vulnerability can result in unauthorized update, insert or     delete access to some of Oracle WebLogic Server accessible     data as well as unauthorized read access to a subset of     Oracle WebLogic Server accessible data.
    (CVE-2020-2548)   
  - An unspecified vulnerability in the WLS Core Components     of Oracle WebLogic Server. A high privileged attacker with     network access via HTTP could exploit this vulnerability to     compromise Oracle WebLogic Server. A successful attack of this     vulnerability can result in takeover of Oracle WebLogic Server.
    (CVE-2020-2549)   
  - An unspecified vulnerability in the WLS Core Components     of Oracle WebLogic Server. A high privileged attacker with     logon to the infrastructure where Oracle WebLogic Server     executes could exploit this vulnerability to compromise     racle WebLogic Server. A successful attack of this     vulnerability can result in unauthorized access to critical     data or complete access to all Oracle WebLogic Server     accessible data.
    (CVE-2020-2550)   
  - An unspecified vulnerability in the WLS Core Components of     Oracle WebLogic Server. An unauthenticated attacker with     network access via IIOP could exploit this vulnerability to     compromise Oracle WebLogic Server. A successful attack of this     vulnerability can result in takeover of Oracle WebLogic Server.
    (CVE-2020-2551)   
  - An unspecified vulnerability in the WLS Core Components of     Oracle WebLogic Server. A high privileged attacker with     network access via HTTP could exploit this vulnerability     to compromise Oracle WebLogic Server. A successful attack     requires human interaction from a person other than the     attacker and while the vulnerability is in Oracle     WebLogic Server, attacks may significantly impact     additional products. A successful attack of this     vulnerability can result in unauthorized update,     insert or delete access to some of Oracle WebLogic     Server accessible data as well as unauthorized read     access to a subset of Oracle WebLogic Server accessible     data. (CVE-2020-2552)   
  - An unspecified vulnerability in the Web Container     (JavaServer Faces) Components of Oracle WebLogic Server.
    An unauthenticated attacker with network access via     HTTP could exploit this vulnerability to compromise     Oracle WebLogic Server. A successful attack of this     vulnerability can result in unauthorized access to     critical data or complete access to all Oracle WebLogic     Server accessible data. (CVE-2020-6950)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2513 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime.

    This release of Red Hat JBoss Enterprise Application Platform 7.3.1 serves as a replacement for Red Hat     JBoss Enterprise Application Platform 7.3.0, and includes bug fixes and enhancements. See the Red Hat     JBoss Enterprise Application Platform 7.3.1 Release Notes for information about the most significant bug     fixes and enhancements included in this release.

    Security Fix(es):

    * cxf: reflected XSS in the services listing page (CVE-2019-17573)

    * cxf-core: cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)

    * jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * undertow: servletPath in normalized incorrectly leading to dangerous application mapping which could     result in security bypass (CVE-2020-1757)

    * jackson-databind: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class     (CVE-2020-1695)

    * cryptacular: excessive memory allocation during a decode operation (CVE-2020-7226)

    * smallrye-config: SmallRye: SecuritySupport class is incorrectly public and contains a static method to     access the current threads context class loader (CVE-2020-1729)

    * resteasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)

    * jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)

    * undertow: invalid HTTP request with large chunk size (CVE-2020-10719)

    * jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)

    * jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

    * jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)

    * undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)

    * libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)

    * libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)

    * wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider     is in use (CVE-2019-14887)

    * jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of     CVE-2018-14371 (CVE-2020-6950)

    * jsf-impl: mojarra: Path traversal in ResourceManager.java:getLocalePrefix() via the loc parameter     (CVE-2018-14371)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, see the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2022 CPU advisory.

  - Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Intelligence, RFx     Creation). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability     allows low privileged attacker with network access via HTTP to compromise Oracle Sourcing. Successful     attacks of this vulnerability can result in unauthorized creation, deletion or modification access to     critical data or all Oracle Sourcing accessible data as well as unauthorized access to critical data or     complete access to all Oracle Sourcing accessible data. (CVE-2022-21274)

  - Vulnerability in the Oracle Project Costing product of Oracle E-Business Suite (component: Expenses,     Currency Override). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable     vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Project     Costing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or     modification access to critical data or all Oracle Project Costing accessible data as well as unauthorized     access to critical data or complete access to all Oracle Project Costing accessible data. (CVE-2022-21273)

  - Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: UI Servlet).
    Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low     privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful attacks of     this vulnerability can result in unauthorized creation, deletion or modification access to critical data     or all Oracle Configurator accessible data as well as unauthorized access to critical data or complete     access to all Oracle Configurator accessible data. (CVE-2022-21255)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2512 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java     applications based on the WildFly application runtime.

    This release of Red Hat JBoss Enterprise Application Platform 7.3.1 serves as a replacement for Red Hat     JBoss Enterprise Application Platform 7.3.0, and includes bug fixes and enhancements. See the Red Hat     JBoss Enterprise Application Platform 7.3.1 Release Notes for information about the most significant bug     fixes and enhancements included in this release.

    Security Fix(es):

    * cxf: reflected XSS in the services listing page (CVE-2019-17573)

    * cxf-core: cxf: OpenId Connect token service does not properly validate the clientId (CVE-2019-12423)

    * jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * undertow: servletPath in normalized incorrectly leading to dangerous application mapping which could     result in security bypass (CVE-2020-1757)

    * jackson-databind: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)

    * resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class     (CVE-2020-1695)

    * cryptacular: excessive memory allocation during a decode operation (CVE-2020-7226)

    * smallrye-config: SmallRye: SecuritySupport class is incorrectly public and contains a static method to     access the current threads context class loader (CVE-2020-1729)

    * resteasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack (CVE-2020-10688)

    * jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)

    * undertow: invalid HTTP request with large chunk size (CVE-2020-10719)

    * jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)

    * jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

    * jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)

    * undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)

    * libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)

    * libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)

    * wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider     is in use (CVE-2019-14887)

    * jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of     CVE-2018-14371 (CVE-2020-6950)

    * jsf-impl: mojarra: Path traversal in ResourceManager.java:getLocalePrefix() via the loc parameter     (CVE-2018-14371)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, see the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3638 advisory.

    This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat     JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat     JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug     fixes and enhancements included in this release.

    Security Fix(es):

    * jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

    * jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)

    * jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)

    * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result     in remote command execution (CVE-2020-10672)

    * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result     in remote command execution (CVE-2020-10673)

    * jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)

    * undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)

    * wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in     HTTP requests (CVE-2020-10687)

    * jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of     CVE-2018-14371 (CVE-2020-6950)

    * resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class     (CVE-2020-1695)

    * wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)

    * dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)

    * wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain     (CVE-2020-1748)

    * hibernate-validator: Improper input validation in the interpolation of constraint error messages     (CVE-2020-10693)

    * hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)

    * wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)

     wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)

    * jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is     received causing Denial of Service (CVE-2020-14307)

    * jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service     (CVE-2020-14297)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, see the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3637 advisory.

    This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat     JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat     JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug     fixes and enhancements included in this release.

    Security Fix(es):

    * jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

    * jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)

    * jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)

    * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result     in remote command execution (CVE-2020-10672)

    * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result     in remote command execution (CVE-2020-10673)

    * jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)

    * undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)

    * wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in     HTTP requests (CVE-2020-10687)

    * jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of     CVE-2018-14371 (CVE-2020-6950)

    * resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class     (CVE-2020-1695)

    * wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)

    * dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)

    * wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain     (CVE-2020-1748)

    * hibernate-validator: Improper input validation in the interpolation of constraint error messages     (CVE-2020-10693)

    * hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)

    * wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)

     wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)

    * jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is     received causing Denial of Service (CVE-2020-14307)

    * jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service     (CVE-2020-14297)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, see the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
140392	RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 8 (RHSA-2020:3639)	Nessus	Red Hat Local Security Checks	9/8/2020	11/7/2024	critical
137331	RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2511)	Nessus	Red Hat Local Security Checks	6/11/2020	11/7/2024	critical
174464	Oracle WebLogic Server (Apr 2023 CPU)	Nessus	Misc.	4/19/2023	12/12/2023	high
141318	FreeBSD : Payara -- path trasversal flaw via either loc/con parameters in Eclipse Mojarra (b07bdd3c-0809-11eb-a3a4-0019dbb15b3f)	Nessus	FreeBSD Local Security Checks	10/9/2020	8/10/2021	medium
132961	Oracle WebLogic Server Multiple Vulnerabilities (Jan 2020 CPU)	Nessus	Misc.	1/16/2020	11/16/2023	critical
137334	RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2513)	Nessus	Red Hat Local Security Checks	6/11/2020	11/7/2024	critical
156890	Oracle E-Business Suite (Jan 2022 CPU)	Nessus	Misc.	1/20/2022	11/20/2023	high
137333	RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.1 Security update (Important) (RHSA-2020:2512)	Nessus	Red Hat Local Security Checks	6/11/2020	11/7/2024	critical
140390	RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 (RHSA-2020:3638)	Nessus	Red Hat Local Security Checks	9/8/2020	11/7/2024	critical
140397	RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 6 (RHSA-2020:3637)	Nessus	Red Hat Local Security Checks	9/8/2020	11/7/2024	critical

Detections

Analytics

Plugins Search

critical

critical

high

medium

critical

critical

high

critical

critical

critical