Jboss Schwachstellen

Zeitverlauf

Typ

Application Server Software	20

Produkt

JBoss KeyCloak	4
JBoss JBoss Application Server	3
JBoss RichFaces	2
JBoss BRMS	1
JBoss AeroGear	1

Massnahmen

Official Fix	13
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	7

Ausnutzbarkeit

High	2
Functional	0
Proof-of-Concept	3
Unproven	0
Not Defined	15

Zugriffsart

Not Defined	0
Physical	0
Local	1
Adjacent	1
Network	18

Authentisierung

Not Defined	0
High	0
Low	4
None	16

Benutzeraktivität

Not Defined	0
Required	10
None	10

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	1
≤5	5
≤6	4
≤7	4
≤8	4
≤9	2
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	1
≤5	6
≤6	5
≤7	4
≤8	2
≤9	2
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	3
≤5	6
≤6	2
≤7	3
≤8	6
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	2
≤8	1
≤9	1
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	1
≤7	1
≤8	0
≤9	0
≤10	0

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	1
<2k	11
<5k	8
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	20
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (14): AeroGear (1), BRMS (1), Enterprise Application Platform (1), Expressions (1), IronJacamar (1), JBoss Application Server (3), JBoss Enterprise (1), KeyCloak (4), Management Console (1), RichFaces (2), Web Console (1), jBPM (1), jbossas (1), seam (1)

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
15.12.2023	4.3	4.1	JBoss KeyCloak lowerCaseHostname Redirect	Application Server Software	Not Defined	Official Fix	0.00104	0.02	CVE-2023-6291
12.12.2023	4.5	4.5	JBoss KeyCloak Incomplete Fix CVE-2020-10748 Cross Site Scripting	Application Server Software	Not Defined	Not Defined	0.00114	0.02	CVE-2023-6134
04.12.2023	4.3	4.3	JBoss KeyCloak WebAuthn erweiterte Rechte	Application Server Software	Not Defined	Not Defined	0.00000	0.05	CVE-2023-6484
12.11.2019	5.2	5.1	JBoss BRMS Cross Site Scripting	Application Server Software	Not Defined	Official Fix	0.00112	0.00	CVE-2010-3857
04.11.2019	5.2	5.2	JBoss AeroGear Reflected Cross Site Scripting	Application Server Software	Not Defined	Not Defined	0.00084	0.04	CVE-2014-3649
27.03.2019	4.8	4.7	JBoss Management Console Cross Site Scripting	Application Server Software	Not Defined	Official Fix	0.00112	0.02	CVE-2018-10934
18.06.2018	8.5	8.4	JBoss RichFaces EL Variable Mapper erweiterte Rechte	Application Server Software	Not Defined	Official Fix	0.75573	0.00	CVE-2018-12533
18.06.2018	8.5	8.5	JBoss RichFaces EL Variable Mapper erweiterte Rechte	Application Server Software	Not Defined	Not Defined	0.02302	0.00	CVE-2018-12532
22.05.2018	7.0	6.9	JBoss jbossas Init Script erweiterte Rechte	Application Server Software	Not Defined	Official Fix	0.00044	0.00	CVE-2016-8656
18.10.2017	6.5	6.2	JBoss KeyCloak CSRF Protection Cross Site Request Forgery	Application Server Software	Not Defined	Official Fix	0.00432	0.00	CVE-2014-3709

10 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 10 results.

◂ ZurückÜbersichtWeiter ▸

Do you need the next level of professionalism?

Upgrade your account now!