偵測

Plugin

RHEL 7：RHEL 7 上的 Red Hat JBoss Enterprise Application Platform 7.2.9 (RHSA-2020: 3638)

critical Nessus Plugin ID 140390

語系：

概要

遠端 Red Hat 主機缺少一個或多個安全性更新。

說明

遠端 Redhat Enterprise Linux 7 主機上安裝的套件受到 RHSA-2020: 3638 公告中提及的多個弱點影響。

- hibernate：Hibernate ORM 中的 SQL 注入攻擊問題 (CVE-2019-14900)

- jackson-databind：未正確處理序列化小工具與類型之間的互動，可能導致遠端命令執行 (CVE-2020-10672、CVE-2020-10673)

- dom4j：預設 SAX 剖析器中的 XML 外部實體弱點 (CVE-2020-10683)

- Undertow：由於允許 HTTP 要求中存在無效字元，導致未能完整修復 CVE-2017-2666 (CVE-2020-10687)

- hibernate-validator：插入限制錯誤訊息時未正確驗證輸入 (CVE-2020-10693)

- wildfly-elytron：使用 FORM 驗證時的工作階段固定 (CVE-2020-10714)

- wildfly：透過 EmbeddedManagedProcess API 洩漏了 TCCL 設定 (CVE-2020-10718)

- wildfly：Wildfly Enterprise Java Beans 中存在不安全的還原序列化 (CVE-2020-10740)

- wildfly：某些 EJB 交易物件可能累積，從而造成拒絕服務 (CVE-2020-14297)

- wildfly：收到回應後，可能無法正確移除 EJB SessionOpenInvocations，進而造成拒絕服務 (CVE-2020-14307)

- resteasy：未正確驗證 MediaTypeHeaderDelegate.java 類別中的回應標頭 (CVE-2020-1695)

- EAP：未依照 RFC7230 剖析欄位名稱 (CVE-2020-1710)

- wildfly：使用替代保護網域時，WildFlySecurityManager 中存在不當授權問題 (CVE-2020-1748)

- Mojarra：loc 或 con 參數導致的路徑遊走，CVE-2018-14371 的不完整修復 (CVE-2020-6950)

- jackson-databind：缺少某個 xbean-reflect/JNDI 封鎖 (CVE-2020-8840)

- jackson-databind：shaded-hikari-config 中的序列化小工具 (CVE-2020-9546)

- jackson-databind：ibatis-sqlmap 中的序列化小工具 (CVE-2020-9547)

- jackson-databind：anteros-core 中的序列化小工具 (CVE-2020-9548)

請注意，Nessus 並未測試這些問題，而是僅依據應用程式自我報告的版本號碼作出判斷。

解決方案

更新受影響的套件。

另請參閱

http://www.nessus.org/u?5ad39889

http://www.nessus.org/u?ba87944c

http://www.nessus.org/u?fdc49160

https://access.redhat.com/security/updates/classification/#important

https://access.redhat.com/errata/RHSA-2020:3638

https://bugzilla.redhat.com/show_bug.cgi?id=1666499

https://bugzilla.redhat.com/show_bug.cgi?id=1694235

https://bugzilla.redhat.com/show_bug.cgi?id=1730462

https://bugzilla.redhat.com/show_bug.cgi?id=1785049

https://bugzilla.redhat.com/show_bug.cgi?id=1793970

https://bugzilla.redhat.com/show_bug.cgi?id=1805006

https://bugzilla.redhat.com/show_bug.cgi?id=1805501

https://bugzilla.redhat.com/show_bug.cgi?id=1807707

https://bugzilla.redhat.com/show_bug.cgi?id=1815470

https://bugzilla.redhat.com/show_bug.cgi?id=1815495

https://bugzilla.redhat.com/show_bug.cgi?id=1816330

https://bugzilla.redhat.com/show_bug.cgi?id=1816332

https://bugzilla.redhat.com/show_bug.cgi?id=1816337

https://bugzilla.redhat.com/show_bug.cgi?id=1816340

https://bugzilla.redhat.com/show_bug.cgi?id=1825714

https://bugzilla.redhat.com/show_bug.cgi?id=1828476

https://bugzilla.redhat.com/show_bug.cgi?id=1834512

https://bugzilla.redhat.com/show_bug.cgi?id=1851327

https://bugzilla.redhat.com/show_bug.cgi?id=1853595

https://issues.redhat.com/browse/JBEAP-18366

https://issues.redhat.com/browse/JBEAP-18667

https://issues.redhat.com/browse/JBEAP-18849

https://issues.redhat.com/browse/JBEAP-18880

https://issues.redhat.com/browse/JBEAP-18906

https://issues.redhat.com/browse/JBEAP-18919

https://issues.redhat.com/browse/JBEAP-18965

https://issues.redhat.com/browse/JBEAP-19039

https://issues.redhat.com/browse/JBEAP-19058

https://issues.redhat.com/browse/JBEAP-19120

https://issues.redhat.com/browse/JBEAP-19255

https://issues.redhat.com/browse/JBEAP-19271

https://issues.redhat.com/browse/JBEAP-19315

https://issues.redhat.com/browse/JBEAP-19463

https://issues.redhat.com/browse/JBEAP-19565

https://issues.redhat.com/browse/JBEAP-19587

https://issues.redhat.com/browse/JBEAP-19620

https://issues.redhat.com/browse/JBEAP-19624

https://issues.redhat.com/browse/JBEAP-19703

https://issues.redhat.com/browse/JBEAP-19704

https://issues.redhat.com/browse/JBEAP-19798

https://issues.redhat.com/browse/JBEAP-19837

https://issues.redhat.com/browse/JBEAP-19875

Plugin 詳細資訊

嚴重性: Critical

ID: 140390

檔案名稱: redhat-RHSA-2020-3638.nasl

版本: 1.10

類型: local

代理程式: unix

系列: Red Hat Local Security Checks

已發布: 2020/9/8

已更新: 2024/6/3

支援的感應器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

風險資訊

VPR

風險因素: Medium

分數: 6.7

CVSS v2

風險因素: High

基本分數: 7.5

時間分數: 5.9

媒介: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 評分資料來源: CVE-2020-8840

CVSS v3

風險因素: Critical

基本分數: 9.8

時間分數: 8.8

媒介: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

時間媒介: CVSS:3.0/E:P/RL:O/RC:C

CVSS 評分資料來源: CVE-2020-9548

弱點資訊

CPE: p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jsf-api_2.3_spec, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client, p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb, p-cpe:/a:redhat:enterprise_linux:eap7-weld-web, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-genericjms, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider, p-cpe:/a:redhat:enterprise_linux:eap7-undertow-server, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-elytron-web, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-logmanager, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt, p-cpe:/a:redhat:enterprise_linux:eap7-undertow, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0, p-cpe:/a:redhat:enterprise_linux:eap7-dom4j, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0, p-cpe:/a:redhat:enterprise_linux:eap7-hal-console, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules

必要的 KB 項目: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

可被惡意程式利用: true

可輕鬆利用: Exploits are available

修補程式發佈日期: 2020/9/7

弱點發布日期: 2020/2/10

參考資訊

CVE: CVE-2019-14900, CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-14297, CVE-2020-14307, CVE-2020-1695, CVE-2020-1710, CVE-2020-1748, CVE-2020-6950, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548

CWE: 113, 20, 22, 285, 384, 400, 404, 444, 502, 611, 749, 89, 96

IAVA: 2020-A-0019, 2020-A-0324, 2020-A-0326, 2021-A-0032, 2021-A-0035-S, 2021-A-0196, 2021-A-0326, 2021-A-0328

RHSA: 2020:3638