The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3638 advisory.

  - hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)

  - jackson-databind: mishandles the interaction between serialization gadgets and typing which could result     in remote command execution (CVE-2020-10672, CVE-2020-10673)

  - dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)

  - Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests     (CVE-2020-10687)

  - hibernate-validator: Improper input validation in the interpolation of constraint error messages     (CVE-2020-10693)

  - wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)

  - wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)

  - wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)

  - wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)

  - wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing     Denial of Service (CVE-2020-14307)

  - resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)

  - EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)

  - Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain     (CVE-2020-1748)

  - Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of     CVE-2018-14371 (CVE-2020-6950)

  - jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)

  - jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)

  - jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)

  - jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 (RHSA-2020:3638)

critical Nessus Plugin ID 140390

Version 1.9

Version 1.8

Version 1.7

Version 1.9 Feb 21, 2024, 4:36 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") CVSSv3 score source (set to "CVE-2020-9548") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202402211636
Version 1.8 Jan 23, 2023, 7:12 PM Logic Changes (Added support for repository relative URLs) Plugin Feed: 202301231912
Version 1.7 Dec 6, 2022, 6:51 PM Reference Plugin Feed: 202212061851