VDB
RHSA-2017%3A0457
RHSA-2017%3A0457
PUBLISHED
CVSS 3.700000047683716 LOW
An update is now available for Red Hat JBoss Web Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Risk Scores
CVSS 3.1
3.700000047683716
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat JBoss Web Server 3.1 |
Exploit Intelligence
- Reproducible exploits for: CVE-2016-1240 CVE-2008-2938 CVE-2014-2064 CVE-2014-1904 (github-poc-repo)
- Reproducible exploits for: CVE-2016-1240 CVE-2008-2938 CVE-2014-2064 CVE-2014-1904 (github-poc-repo)
- CVE-2016-1240 exploit and patch (github-poc-repo)
- CVE-2016-1240 exploit and patch (github-poc-repo)
- ianxtianxt/CVE-2016-8735 (github-poc-repo)
- ianxtianxt/CVE-2016-8735 (github-poc-repo)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog (redhat)
- http://legalhackers.com/advisories/Tomcat-DebPkgs-Root-Privilege-Escalation-Exploit-CVE-2016-1240.txt (redhat)
- ianxtianxt/CVE-2016-8735 (github-poc)
- CVE-2016-1240 exploit and patch (github-poc)
…and 29 more exploits
Timeline
- Mar 7, 2017 CVE Published
- Dec 15, 2024 CVE Updated
- Apr 6, 2026 Distribution Patch
- Apr 6, 2026 Distribution Patch
- Apr 6, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2017:0457 advisory
- https://access.redhat.com/security/updates/classification/#important url
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=webserver&version=3.1.0 url
- https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.1_Release_Notes/index.html url
- https://access.redhat.com/security/vulnerabilities/httpoxy url
- https://access.redhat.com/solutions/2435491 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1349468 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1367447 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1376712 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1390493 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1390515 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1390520 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1390525 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1390526 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1397484 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1397485 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1403824 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0457.json advisory