CPE Details
Red Hat Jboss Application Server 7.1.0 Community Edition
7.1.0
2019-12-23
13h41 +00:00
13h41 +00:00
2021-06-03
13h46 +00:00
13h46 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:redhat:jboss_application_server:7.1.0:*:*:*:community:*:*:*
Informations
Vendor
redhatProduct
jboss_application_serverVersion
7.1.0Software Edition
communityRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed. | 7.5 |
High |
||
| An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. | 7.8 |
High |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.