Red Hat JBoss Enterprise Application Platform (EAP) 7.0.7

CPE Details

Red Hat JBoss Enterprise Application Platform (EAP) 7.0.7
redhat
jboss_enterprise_application_platform
7.0.7
2018-01-19
13h18 +00:00
2018-01-19
13h18 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.7:*:*:*:*:*:*:*

Informations

Vendor

redhat

Product

jboss_enterprise_application_platform

Version

7.0.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-19343 2021-03-23 19h23 +00:00 A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable.
7.5
High
CVE-2019-14885 2020-01-22 23h00 +00:00 A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.
4.3
Medium
CVE-2016-7066 2018-09-11 12h00 +00:00 It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.
7.8
High
CVE-2017-12167 2018-07-26 15h00 +00:00 It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system.
5.5
Medium