Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Red Hat JBoss Enterprise Application Platform by Red Hat, Inc.

    CVE-2017-12189 (GCVE-0-2017-12189)

    Vulnerability from nvd – Published: 2018-01-10 19:00 – Updated: 2024-08-05 18:28
    VLAI
    Summary
    It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… x_refsource_CONFIRM
    https://access.redhat.com/errata/RHSA-2018:0002 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2018:0004 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2018:0003 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2018:0005 vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/102407 vdb-entryx_refsource_BID
    Impacted products
    Date Public
    2017-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:28:16.689Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189"
              },
              {
                "name": "RHSA-2018:0002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0002"
              },
              {
                "name": "RHSA-2018:0004",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0004"
              },
              {
                "name": "RHSA-2018:0003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0003"
              },
              {
                "name": "RHSA-2018:0005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0005"
              },
              {
                "name": "102407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102407"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Red Hat JBoss Enterprise Application Platform",
              "vendor": "Red Hat, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.7.GA"
                }
              ]
            }
          ],
          "datePublic": "2017-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-282",
                  "description": "CWE-282",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-11T10:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189"
            },
            {
              "name": "RHSA-2018:0002",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0002"
            },
            {
              "name": "RHSA-2018:0004",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0004"
            },
            {
              "name": "RHSA-2018:0003",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0003"
            },
            {
              "name": "RHSA-2018:0005",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0005"
            },
            {
              "name": "102407",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102407"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2017-12189",
        "datePublished": "2018-01-10T19:00:00.000Z",
        "dateReserved": "2017-08-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T18:28:16.689Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-12189 (GCVE-0-2017-12189)

    Vulnerability from cvelistv5 – Published: 2018-01-10 19:00 – Updated: 2024-08-05 18:28
    VLAI
    Summary
    It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… x_refsource_CONFIRM
    https://access.redhat.com/errata/RHSA-2018:0002 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2018:0004 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2018:0003 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2018:0005 vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/102407 vdb-entryx_refsource_BID
    Impacted products
    Date Public
    2017-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:28:16.689Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189"
              },
              {
                "name": "RHSA-2018:0002",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0002"
              },
              {
                "name": "RHSA-2018:0004",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0004"
              },
              {
                "name": "RHSA-2018:0003",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0003"
              },
              {
                "name": "RHSA-2018:0005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0005"
              },
              {
                "name": "102407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102407"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Red Hat JBoss Enterprise Application Platform",
              "vendor": "Red Hat, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.7.GA"
                }
              ]
            }
          ],
          "datePublic": "2017-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-282",
                  "description": "CWE-282",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-11T10:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189"
            },
            {
              "name": "RHSA-2018:0002",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0002"
            },
            {
              "name": "RHSA-2018:0004",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0004"
            },
            {
              "name": "RHSA-2018:0003",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0003"
            },
            {
              "name": "RHSA-2018:0005",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0005"
            },
            {
              "name": "102407",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102407"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2017-12189",
        "datePublished": "2018-01-10T19:00:00.000Z",
        "dateReserved": "2017-08-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T18:28:16.689Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }