{ "threat_severity" : "Moderate", "public_date" : "2019-04-30T17:12:00Z", "bugzilla" : { "description" : "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users", "id" : "1660263", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1660263" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-364", "details" : [ "A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.", "A flaw was discovered in wildfly that would allow local users, who are able to execute init.d script, to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root." ], "acknowledgement" : "Red Hat would like to thank Daniel Le Gall (SCRT Information Security) for reporting this issue.", "affected_release" : [ { "product_name" : "Red Hat Data Grid 7.3.3", "release_date" : "2020-03-05T00:00:00Z", "advisory" : "RHSA-2020:0727", "cpe" : "cpe:/a:redhat:jboss_data_grid:7.3", "package" : "wildfly" }, { "product_name" : "Red Hat Fuse 7.4.0", "release_date" : "2019-08-08T00:00:00Z", "advisory" : "RHSA-2019:2413", "cpe" : "cpe:/a:redhat:jboss_fuse:7", "package" : "wildfly" }, { "product_name" : "Red Hat JBoss EAP 7.2", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1106", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2", "package" : "wildfly" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1107", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package" : "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date" : "2019-05-08T00:00:00Z", "advisory" : "RHSA-2019:1108", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package" : "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Continuous Delivery", "release_date" : "2020-06-15T00:00:00Z", "advisory" : "RHSA-2020:2565", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_cd:18", "package" : "wildfly" }, { "product_name" : "Red Hat Single Sign-On 7.3.1 zip", "release_date" : "2019-05-09T00:00:00Z", "advisory" : "RHSA-2019:1140", "cpe" : "cpe:/a:redhat:jboss_single_sign_on:7.3" } ], "package_state" : [ { "product_name" : "Red Hat Decision Manager 7", "fix_state" : "Not affected", "package_name" : "wildfly", "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:7" }, { "product_name" : "Red Hat JBoss Data Virtualization 6", "fix_state" : "Out of support scope", "package_name" : "jbossas", "cpe" : "cpe:/a:redhat:jboss_data_virtualization:6" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 5", "fix_state" : "Not affected", "package_name" : "jbossas", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:5" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 6", "fix_state" : "Will not fix", "package_name" : "jbossas", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:6" }, { "product_name" : "Red Hat JBoss Fuse 6", "fix_state" : "Out of support scope", "package_name" : "wildfly", "cpe" : "cpe:/a:redhat:jboss_fuse:6" }, { "product_name" : "Red Hat JBoss Fuse Service Works 6", "fix_state" : "Out of support scope", "package_name" : "jbossas", "cpe" : "cpe:/a:redhat:jboss_fuse_service_works:6" }, { "product_name" : "Red Hat JBoss Operations Network 3", "fix_state" : "Not affected", "package_name" : "wildfly", "cpe" : "cpe:/a:redhat:jboss_operations_network:3" }, { "product_name" : "Red Hat JBoss SOA Platform 5", "fix_state" : "Not affected", "package_name" : "jbossas", "cpe" : "cpe:/a:redhat:jboss_enterprise_soa_platform:5" }, { "product_name" : "Red Hat OpenShift Application Runtimes", "fix_state" : "Not affected", "package_name" : "wildfly", "cpe" : "cpe:/a:redhat:openshift_application_runtimes:1.0" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Not affected", "package_name" : "wildfly", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Single Sign-On 7", "fix_state" : "Not affected", "package_name" : "wildfly", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7" }, { "product_name" : "Red Hat Virtualization 4", "fix_state" : "Not affected", "package_name" : "eap7-wildfly", "cpe" : "cpe:/o:redhat:rhev_hypervisor:4" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-3805\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-3805" ], "name" : "CVE-2019-3805", "csaw" : false }