Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2018-1047 CVE-2018-1067 CVE-2018-8088 CVE-2016-4993 |
| CWE-ID | CWE-22 CWE-113 CWE-284 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
JBoss Enterprise Application Platform Server applications / Application servers |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU12207
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1047
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists in the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method due to path traversal. A remote attacker can gain access to arbitrary local files.
Install update from vendor's website.
Vulnerable software versionsJBoss Enterprise Application Platform: 7.1.0
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2018:1248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) HTTP response splitting
EUVDB-ID: #VU12209
Risk: Low
CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1067
CWE-ID:
CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information and write arbitrary files on the target system.
The weakness exists in the Undertow web server due to insufficient sanitization and validation of user input before the input is used as part of an HTTP header value. A remote attacker can gain access to potentially sensitive information and write arbitrary files.
Install update from vendor's website.
Vulnerable software versionsJBoss Enterprise Application Platform: 7.1.0
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2018:1248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU11301
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-8088
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to bypass access restrictions on the target system.
The weakness exists in the org.slf4j.ext.EventData class due to improper security restrictions. A remote attacker can send specially crafted input, bypass access restrictions and gain unauthorized access to perform further attacks.
Install update from vendor's website.
Vulnerable software versionsJBoss Enterprise Application Platform: 7.1.0
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2018:1248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU408
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-4993
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to disclose potentially sensitive data.
The vulnerability is caused by a parsing error when handling specially crafted URLs. A remote attacker can trigger the application to return a split query, which can lead to content spoofing and cache poisoning attacks.
Successful exploitation of this vulnerability may allow a remote attacker to get access to potentially sensitive information or perform phishing attacks.
Install update from vendor's website.
Vulnerable software versionsJBoss Enterprise Application Platform: 7.1.0
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2018:1248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
