RHEL 6 / 7 : Red Hat JBoss Web Server 5.0 Service Pack 1 (RHSA-2018:2868)
Medium Nessus Plugin ID 117912
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update is now available for Red Hat JBoss Web Server 5.0 for RHEL 6
and Red Hat JBoss Web Server 5.0 for RHEL 7.
Red Hat Product Security has rated this release as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the
Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster),
the PicketLink Vault extension for Apache Tomcat, and the Tomcat
This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as
a replacement for Red Hat JBoss Web Server 5.0, and includes bug
fixes, which are documented in the Release Notes document linked to in
Security Fix(es) :
* tomcat: Information Disclosure (CVE-2018-8037)
For more details about the security issue(s), including the impact, a
CVSS score, acknowledgments, and other related information, refer to
the CVE page(s) listed in the References section.
SolutionUpdate the affected packages.