VDB
RHSA-2016%3A1648
RHSA-2016%3A1648
PUBLISHED
CVSS 5.599999904632568 MEDIUM
An update is now available for Red Hat JBoss Enterprise Web Server 2.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Risk Scores
CVSS 3.1
5.599999904632568
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| jbcs | ||
| mod_cluster | ||
| mod_jk | ||
| Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server | ||
| tomcat | ||
| httpd22 |
Exploit Intelligence
- https://access.redhat.com/errata/RHSA-2016:1648 (circl)
- https://access.redhat.com/security/updates/classification/#important (circl)
- https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/2.1/html/2.1.1_Release_Notes/index.html (circl)
- https://access.redhat.com/site/documentation/ (circl)
- https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Web_Server/2/html-single/Installation_Guide/index.html (circl)
- https://access.redhat.com/security/vulnerabilities/httpoxy (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=1326320 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=1331441 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=1331536 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=1337155 (circl)
…and 8 more exploits
Timeline
- Jul 22, 2016 PoC Published
- Aug 22, 2016 CVE Published
- Mar 18, 2026 CVE Updated
- Apr 7, 2026 Distribution Patch
- Apr 7, 2026 Distribution Patch
- Apr 7, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2016:1648 advisory
- https://access.redhat.com/security/updates/classification/#important url
- https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/2.1/html/2.1.1_Release_Notes/index.html url
- https://access.redhat.com/site/documentation/ url
- https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Web_Server/2/html-single/Installation_Guide/index.html url
- https://access.redhat.com/security/vulnerabilities/httpoxy url
- https://bugzilla.redhat.com/show_bug.cgi?id=1326320 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1331441 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1331536 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1337155 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1337397 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1338646 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1353755 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1358118 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1648.json advisory