RHSA-2018%3A0271 — Vulnetix

RHSA-2018%3A0271 PUBLISHED CVSS 7.5 HIGH

An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Risk Scores

CVSS 3.1

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
	jbossweb
	Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server
	jbossws
	infinispan
	jboss
	hornetq

Exploit Intelligence

CVE-2017-12617 and CVE-2017-12615 for tomcat server (github-poc-repo)
CVE-2017-12617 and CVE-2017-12615 for tomcat server (github-poc-repo)
CVE-2017-12617 and CVE-2017-12615 for tomcat server (github-poc-repo)
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (github-poc-repo)
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (github-poc-repo)
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (github-poc-repo)
Code put together from a few peoples ideas credit given don't use maliciously please (github-poc-repo)
Code put together from a few peoples ideas credit given don't use maliciously please (github-poc-repo)
Code put together from a few peoples ideas credit given don't use maliciously please (github-poc-repo)
qiantu88/CVE-2017-12617 (github-poc-repo)

…and 90 more exploits

Timeline

Feb 5, 2018 CVE Published
Dec 8, 2024 CVE Updated
Apr 7, 2026 Distribution Patch
Apr 7, 2026 Distribution Patch
Apr 7, 2026 Security Advisory
Apr 30, 2026 Security Advisory
Apr 30, 2026 Security Advisory
Apr 30, 2026 Security Advisory

References

Open in Interactive Console →