RHSA-2017:1834
PUBLISHED
CVSS 8.1 HIGH
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 6
Risk Scores
CVSS 3.0
8.1
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-activemq-artemis-hqclient-protocol | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-activemq-artemis-dto | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-ironjacamar-common-impl | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-wildfly | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-wildfly-web-console-eap | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-ironjacamar | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-jboss-modules | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-activemq-artemis-core-client | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-hibernate | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-activemq-artemis-ra | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-resteasy-crypto | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-ironjacamar-deployers-common | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-resteasy | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-activemq-artemis-hornetq-protocol | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-activemq-artemis-service-extensions | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-resteasy-jackson2-provider | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-wildfly-modules | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-activemq-artemis-jms-client | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-resteasy-yaml-provider | 0, 0 |
| Red Hat:jboss_enterprise_application_platform:7::el6 | eap7-resteasy-multipart-provider | 0, 0 |
…and 37 more
Exploit Intelligence
- Investigation report on the Struts2 vulnerabilities S2-045, S2-055 and the Jackson vulnerabilities CVE-2017-7525, CVE-2017-15095 (github-poc-repo)
- CVE-2017-7525 S2-055 Exploit (github-poc-repo)
- Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring. (github-poc-repo)
- Jackson Deserialization CVE-2017-7525 PoC (github-poc-repo)
- Insecure Java Deserialization Lab (github-poc-repo)
…and 12 more exploits
Timeline
- Jul 31, 2017 CVE Published
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- May 12, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2017:1834 advisory
- https://access.redhat.com/security/updates/classification/#important article
- https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/ article
- https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/ article
- https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/ article
- https://bugzilla.redhat.com/show_bug.cgi?id=1379207 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1462702 report
- https://issues.redhat.com/browse/JBEAP-9464 article
- https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1834.json advisory
- https://access.redhat.com/security/cve/CVE-2016-4978 report
- https://www.cve.org/CVERecord?id=CVE-2016-4978 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2016-4978 advisory
- https://access.redhat.com/security/cve/CVE-2017-7525 report
- https://www.cve.org/CVERecord?id=CVE-2017-7525 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2017-7525 advisory