Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8



Published: 2024-02-08
Risk: Medium
Patch available: Yes
Number of vulnerabilities: 2
CVE-ID: CVE-2023-4759, CVE-2023-44483
CWE-ID: CWE-59, CWE-532
Exploitation vector: Network
Public exploit: N/A
Vulnerable software
eap7-xml-security (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-wildfly-transaction-client (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-wildfly-naming-client (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-wildfly-elytron (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-wildfly (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-resteasy (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-protostream (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-log4j2-jboss-logmanager (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-jbossws-spi (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-jboss-server-migration (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-jboss-msc (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-jboss-cert-helper (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-ironjacamar (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-insights-java-client (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-hibernate (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-glassfish-jsf (Red Hat package)
Operating systems & Components / Operating system package or component

eap7-eclipse-jgit (Red Hat package)
Operating systems & Components / Operating system package or component

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Link following

EUVDB-ID: #VU81948

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4759

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

Description

The vulnerability allows a remote attacker to overwrite files on the system.

The vulnerability exists due to insecure symbolic link handling. A remote attacker can place a specially crafted symbolic link into a repository, trick the victim into cloning it, and overwrite arbitrary files on the system.
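A defensive audit for the condition described above: walk a cloned working tree without following links and flag every symbolic link whose target resolves outside the tree. This is an added example, not code from the advisory or from the affected packages; the repository layout it builds is a constructed fixture.

```python
"""Audit a checked-out working tree for symbolic links whose targets resolve
outside the tree. Added example; the sample tree below is constructed."""
import os
import tempfile
from pathlib import Path


def find_escaping_symlinks(repo_root):
    """Return a sorted list of (link_path, resolved_target) for every symlink
    under repo_root whose resolved target is not inside repo_root.
    Links are not followed during the walk, so a malicious link cannot steer
    the audit itself outside the tree."""
    root = Path(repo_root).resolve()
    escaping = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            p = Path(dirpath) / name
            if not p.is_symlink():
                continue
            # strict=False so dangling links (target not yet present) are still checked
            target = p.resolve(strict=False)
            if root != target and root not in target.parents:
                escaping.append((str(p.relative_to(root)), str(target)))
    return sorted(escaping)


def build_sample_tree():
    """Constructed fixture: one benign in-tree link and one link that escapes."""
    base = Path(tempfile.mkdtemp(prefix="symlink-audit-"))
    repo = base / "repo"
    (repo / "docs").mkdir(parents=True)
    (repo / "docs" / "README").write_text("hello\n")
    os.symlink("README", repo / "docs" / "readme-link")        # stays inside the tree
    os.symlink("../../outside.conf", repo / "docs" / "cfg")     # points outside the tree
    return str(repo)


if __name__ == "__main__":
    for link, target in find_escaping_symlinks(build_sample_tree()):
        print(f"WARNING: {link} -> {target} (outside working tree)")
```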

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

eap7-xml-security (Red Hat package): before 2.2.6-1.redhat_00002.1.el8eap

eap7-wildfly-transaction-client (Red Hat package): before 1.1.17-1.Final_redhat_00001.1.el8eap

eap7-wildfly-naming-client (Red Hat package): before 1.0.17-1.Final_redhat_00001.1.el8eap

eap7-wildfly-elytron (Red Hat package): before 1.15.21-1.Final_redhat_00001.1.el8eap

eap7-wildfly (Red Hat package): before 7.4.15-2.GA_redhat_00002.1.el8eap

eap7-resteasy (Red Hat package): before 3.15.9-1.Final_redhat_00001.1.el8eap

eap7-protostream (Red Hat package): before 4.3.6-1.Final_redhat_00001.1.el8eap

eap7-log4j2-jboss-logmanager (Red Hat package): before 1.1.2-1.Final_redhat_00002.1.el8eap

eap7-jbossws-spi (Red Hat package): before 3.4.0-4.Final_redhat_00002.1.el8eap

eap7-jboss-server-migration (Red Hat package): before 1.10.0-34.Final_redhat_00033.1.el8eap

eap7-jboss-msc (Red Hat package): before 1.4.13-1.Final_redhat_00001.1.el8eap

eap7-jboss-cert-helper (Red Hat package): before 1.1.1-1.redhat_00001.1.el8eap

eap7-ironjacamar (Red Hat package): before 1.5.16-1.Final_redhat_00001.1.el8eap

eap7-insights-java-client (Red Hat package): before 1.1.1-1.redhat_00001.1.el8eap

eap7-hibernate (Red Hat package): before 5.3.33-2.Final_redhat_00001.1.el8eap

eap7-glassfish-jsf (Red Hat package): before 2.3.14-7.SP08_redhat_00001.1.el8eap

eap7-eclipse-jgit (Red Hat package): before 5.13.2-1.SP1_redhat_00001.1.el8eap

External links

http://access.redhat.com/errata/RHSA-2024:0711


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU83241

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-44483

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists because the software stores sensitive information in log files when using the JSR 105 API. A remote user can obtain the private key when an XML Signature is generated with debug-level logging enabled.
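A detection check for the exposure described above: scan application logs for private-key material (a PEM header, or a long base64 blob on a DEBUG-level line) so that affected deployments can confirm whether key material was written before the update. This is an added example, not code from the advisory or from the affected packages; the log lines and the base64 blob are constructed placeholders, not real key material.

```python
"""Scan log lines for private-key material that should never be logged.
Added example; the sample log below is constructed and contains no real key."""
import base64
import re

PEM_RE = re.compile(r"-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----")
# A long unbroken base64 run on a DEBUG line is a weaker, secondary signal.
B64_RE = re.compile(r"(?<![A-Za-z0-9+/])[A-Za-z0-9+/]{120,}={0,2}(?![A-Za-z0-9+/])")


def classify_line(line):
    """Return 'pem' for a PEM private-key header, 'b64' for a DEBUG-level line
    carrying a long base64 blob, or None when the line looks harmless."""
    if PEM_RE.search(line):
        return "pem"
    if " DEBUG " in line and B64_RE.search(line):
        return "b64"
    return None


def scan_log(lines):
    """Return [(line_number, kind)] for every line that looks like key leakage."""
    return [(n, k) for n, l in enumerate(lines, 1) if (k := classify_line(l))]


# Constructed sample: a benign INFO line, a DEBUG line with a PEM header and a
# DEBUG line with a base64 blob built from placeholder bytes (not a key).
_BLOB = base64.b64encode(b"placeholder-not-a-key " * 8).decode()
SAMPLE_LOG = [
    "2024-02-08 10:00:01 INFO  [org.example.app] signing request 42",
    "2024-02-08 10:00:01 DEBUG [org.example.xmlsec] key: -----BEGIN PRIVATE KEY-----",
    f"2024-02-08 10:00:01 DEBUG [org.example.xmlsec] key material {_BLOB}",
]

if __name__ == "__main__":
    for n, kind in scan_log(SAMPLE_LOG):
        print(f"line {n}: possible private key exposure ({kind})")
```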

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

eap7-xml-security (Red Hat package): before 2.2.6-1.redhat_00002.1.el8eap

eap7-wildfly-transaction-client (Red Hat package): before 1.1.17-1.Final_redhat_00001.1.el8eap

eap7-wildfly-naming-client (Red Hat package): before 1.0.17-1.Final_redhat_00001.1.el8eap

eap7-wildfly-elytron (Red Hat package): before 1.15.21-1.Final_redhat_00001.1.el8eap

eap7-wildfly (Red Hat package): before 7.4.15-2.GA_redhat_00002.1.el8eap

eap7-resteasy (Red Hat package): before 3.15.9-1.Final_redhat_00001.1.el8eap

eap7-protostream (Red Hat package): before 4.3.6-1.Final_redhat_00001.1.el8eap

eap7-log4j2-jboss-logmanager (Red Hat package): before 1.1.2-1.Final_redhat_00002.1.el8eap

eap7-jbossws-spi (Red Hat package): before 3.4.0-4.Final_redhat_00002.1.el8eap

eap7-jboss-server-migration (Red Hat package): before 1.10.0-34.Final_redhat_00033.1.el8eap

eap7-jboss-msc (Red Hat package): before 1.4.13-1.Final_redhat_00001.1.el8eap

eap7-jboss-cert-helper (Red Hat package): before 1.1.1-1.redhat_00001.1.el8eap

eap7-ironjacamar (Red Hat package): before 1.5.16-1.Final_redhat_00001.1.el8eap

eap7-insights-java-client (Red Hat package): before 1.1.1-1.redhat_00001.1.el8eap

eap7-hibernate (Red Hat package): before 5.3.33-2.Final_redhat_00001.1.el8eap

eap7-glassfish-jsf (Red Hat package): before 2.3.14-7.SP08_redhat_00001.1.el8eap

eap7-eclipse-jgit (Red Hat package): before 5.13.2-1.SP1_redhat_00001.1.el8eap

External links

http://access.redhat.com/errata/RHSA-2024:0711


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
