Red Hat JBoss Vulnerabilities

Timeline (last year)

Version

5.1.1: 16
5.1.0: 9
5.1.2: 9
7: 7
6.4.0: 7

Countermeasures

Official Fix: 128
Temporary Fix: 0
Workaround: 0
Unavailable: 1
Not Defined: 49

Exploitation

High: 5
Functional: 0
Proof-of-Concept: 15
Unproven: 24
Not Defined: 134

Access Vector

Not Defined: 0
Physical: 0
Local: 14
Adjacent: 8
Network: 156

Authentication

Not Defined: 0
High: 1
Low: 53
None: 124

User Interaction

Not Defined: 0
Required: 42
None: 136

C3BM Index (last year)

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor | Research |
|---|---|---|---|---|---|---|---|
| ≤1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤2 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤3 | 0 | 1 | 0 | 0 | 1 | 0 | 0 |
| ≤4 | 14 | 19 | 21 | 0 | 1 | 0 | 0 |
| ≤5 | 37 | 43 | 39 | 0 | 1 | 0 | 0 |
| ≤6 | 47 | 51 | 49 | 17 | 5 | 0 | 0 |
| ≤7 | 37 | 30 | 28 | 13 | 5 | 0 | 0 |
| ≤8 | 24 | 20 | 28 | 9 | 3 | 0 | 0 |
| ≤9 | 15 | 11 | 9 | 10 | 1 | 0 | 0 |
| ≤10 | 4 | 3 | 4 | 8 | 0 | 0 | 0 |

| Price | Exploit 0-day | Exploit Today |
|---|---|---|
| <1k | 0 | 131 |
| <2k | 0 | 7 |
| <5k | 10 | 9 |
| <10k | 58 | 22 |
| <25k | 104 | 9 |
| <50k | 6 | 0 |
| <100k | 0 | 0 |
| ≥100k | 0 | 0 |

Exploit Market Volume (last year)

🔴 CTI Activities

Affected Versions (99): 1.0, 1.2, 2, 2.0, 2.0.1, 2.1, 2.2, 2.2.1, 2.2.2, 2.3, 2.3.1, 2.4, 2.4.1, 2.4.2, 2.4.37 SP3, 2.5, 3, 3.0, 3.1.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.5, 3.3.6, 4, 4.0, 4.0.0.Beta1, 4.1, 4.2, 4.3, 5, 5 EL4, 5 EL6, 5.0, 5.0.1, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.1.6, 5.1.7, 5.1.8, 5.1.9, 5.2, 5.2.1, 5.3, 6, 6 EL4, 6 EL6, 6.0, 6.0.1, 6.0.2, 6.1, 6.1.1, 6.2, 6.2.1, 6.2.2, 6.2.3, 6.3, 6.3.1, 6.3.2, 6.3.3, 6.4, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.4.9, 6.4.11, 6.4.12, 6.4.13, 6.4.14, 6.4.21, 7, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.5, 7.0.7.GA, 7.1, 7.1.0.GA, 7.1.1, 7.2, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 8, EAP 6.4

Link to Product Website: https://www.redhat.com/

Software Type: Application Server Software

| Published | Base | Temp | Vulnerability | 0day | Today | Exploitation | Countermeasure | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 2024-04-25 | 5.4 | 5.4 | Red Hat Keycloak dbProperties information disclosure | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2024-1102 |
| 2024-04-09 | 7.3 | 7.3 | Red Hat JBoss Enterprise Application Platform HTTP Request privilege escalation | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2024-1233 |
| 2023-10-06 | 3.5 | 3.4 | Red Hat JBoss Enterprise Application Platform Class privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-3171 |
| 2022-08-26 | 3.5 | 3.5 | Red Hat JBoss Core Services httpd directory traversal | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2021-3688 |
| 2022-05-11 | 6.3 | 6.0 | Red Hat JBoss Enterprise Application Platform/WildFly privilege escalation | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2022-0866 |
| 2022-03-12 | 3.5 | 3.5 | Red Hat jboss-client information disclosure | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2022-0853 |
| 2021-12-24 | 6.3 | 6.3 | Red Hat JBoss Enterprise Application Platform Artemis privilege escalation | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2021-20318 |
| 2021-06-02 | 3.5 | 3.4 | Red Hat jboss-remoting Message denial of service | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-35510 |
| 2021-06-02 | 3.5 | 3.5 | Red Hat JBoss Enterprise Application Platform race condition | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-14317 |
| 2021-01-08 | 5.0 | 5.0 | Red Hat JBoss Core Services httpd SSL Certificate weak authentication | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-25680 |
| 2020-10-16 | 6.0 | 6.0 | Red Hat JBoss EAP Legacy SecurityRealm weak authentication | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-14299 |
| 2020-09-16 | 5.3 | 5.3 | Red Hat JBoss EAP RFC7230 unknown vulnerability | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.04 | CVE-2020-1710 |
| 2020-07-24 | 5.4 | 5.4 | Red Hat JBoss EAP Wildfly EJB denial of service | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-14307 |
| 2020-07-24 | 5.4 | 5.4 | Red Hat JBoss EAP Wildfly EJB Client denial of service | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-14297 |
| 2020-01-23 | 5.0 | 5.0 | Red Hat JBoss EAP Vault System Log information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2019-14885 |
| 2019-11-26 | 5.9 | 5.8 | Red Hat JBoss Application Server cross site request forgery | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2011-3609 |
| 2019-11-26 | 4.8 | 4.7 | Red Hat JBoss Application Server Administration Console DOM-Based cross site scripting | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2011-3606 |
| 2019-10-03 | 6.2 | 6.2 | Red Hat JBoss Operations Network Remote Code Execution | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | CVE-2019-3834 |
| 2019-06-12 | 6.3 | 6.3 | Red Hat JBoss Enterprise Application Platform Picketlink cross site scripting | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2019-3873 |
| 2019-06-12 | 4.8 | 4.8 | Red Hat JBoss Enterprise Application Platform PicketLink cross site scripting | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2019-3872 |
| 2018-10-30 | 5.0 | 5.0 | Red Hat JBoss BPM Suite Dashbuilder Controller Reflected cross site scripting | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2016-6343 |
| 2018-09-11 | 6.5 | 6.4 | Red Hat JBoss Enterprise Application Platform CLI auth privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2016-7066 |
| 2018-09-10 | 5.1 | 5.0 | Red Hat JBoss Enterprise Application Platform RBAC information disclosure | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2016-7061 |
| 2018-08-16 | 6.4 | 6.4 | Red Hat JBoss Core Services Libxml2 information disclosure | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2016-9598 |
| 2018-08-16 | 5.4 | 5.4 | Red Hat JBoss Core Services Libxml2 denial of service | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2016-9596 |

153 more entries are not shown
