RHEL 7:RHEL 7 上的 Red Hat JBoss Enterprise Application Platform 7.2.9 (RHSA-2020: 3638)
critical Nessus Plugin ID 140390
語系:
概要
遠端 Red Hat 主機缺少一個或多個安全性更新。說明
遠端 Redhat Enterprise Linux 7 主機上安裝的套件受到 RHSA-2020: 3638 公告中提及的多個弱點影響。- hibernate:Hibernate ORM 中的 SQL 注入攻擊問題 (CVE-2019-14900)
- jackson-databind:未正確處理序列化小工具與類型之間的互動,可能導致遠端命令執行 (CVE-2020-10672、CVE-2020-10673)
- dom4j:預設 SAX 剖析器中的 XML 外部實體弱點 (CVE-2020-10683)
- Undertow:由於允許 HTTP 要求中存在無效字元,導致未能完整修復 CVE-2017-2666 (CVE-2020-10687)
- hibernate-validator:插入限制錯誤訊息時未正確驗證輸入 (CVE-2020-10693)
- wildfly-elytron:使用 FORM 驗證時的工作階段固定 (CVE-2020-10714)
- wildfly:透過 EmbeddedManagedProcess API 洩漏了 TCCL 設定 (CVE-2020-10718)
- wildfly:Wildfly Enterprise Java Beans 中存在不安全的還原序列化 (CVE-2020-10740)
- wildfly:某些 EJB 交易物件可能累積,從而造成拒絕服務 (CVE-2020-14297)
- wildfly:收到回應後,可能無法正確移除 EJB SessionOpenInvocations,進而造成拒絕服務 (CVE-2020-14307)
- resteasy:未正確驗證 MediaTypeHeaderDelegate.java 類別中的回應標頭 (CVE-2020-1695)
- EAP:未依照 RFC7230 剖析欄位名稱 (CVE-2020-1710)
- wildfly:使用替代保護網域時,WildFlySecurityManager 中存在不當授權問題 (CVE-2020-1748)
- Mojarra:loc 或 con 參數導致的路徑遊走,CVE-2018-14371 的不完整修復 (CVE-2020-6950)
- jackson-databind:缺少某個 xbean-reflect/JNDI 封鎖 (CVE-2020-8840)
- jackson-databind:shaded-hikari-config 中的序列化小工具 (CVE-2020-9546)
- jackson-databind:ibatis-sqlmap 中的序列化小工具 (CVE-2020-9547)
- jackson-databind:anteros-core 中的序列化小工具 (CVE-2020-9548)
請注意,Nessus 並未測試這些問題,而是僅依據應用程式自我報告的版本號碼作出判斷。
解決方案
更新受影響的套件。另請參閱
https://access.redhat.com/security/cve/CVE-2019-14900
https://access.redhat.com/security/cve/CVE-2020-1695
https://access.redhat.com/security/cve/CVE-2020-1710
https://access.redhat.com/security/cve/CVE-2020-1748
https://access.redhat.com/security/cve/CVE-2020-6950
https://access.redhat.com/security/cve/CVE-2020-8840
https://access.redhat.com/security/cve/CVE-2020-9546
https://access.redhat.com/security/cve/CVE-2020-9547
https://access.redhat.com/security/cve/CVE-2020-9548
https://access.redhat.com/security/cve/CVE-2020-10672
https://access.redhat.com/security/cve/CVE-2020-10673
https://access.redhat.com/security/cve/CVE-2020-10683
https://access.redhat.com/security/cve/CVE-2020-10687
https://access.redhat.com/security/cve/CVE-2020-10693
https://access.redhat.com/security/cve/CVE-2020-10714
https://access.redhat.com/security/cve/CVE-2020-10718
https://access.redhat.com/security/cve/CVE-2020-10740
https://access.redhat.com/security/cve/CVE-2020-14297
https://access.redhat.com/security/cve/CVE-2020-14307
https://access.redhat.com/errata/RHSA-2020:3638
https://bugzilla.redhat.com/1666499
https://bugzilla.redhat.com/1694235
https://bugzilla.redhat.com/1730462
https://bugzilla.redhat.com/1785049
https://bugzilla.redhat.com/1793970
https://bugzilla.redhat.com/1805006
https://bugzilla.redhat.com/1805501
https://bugzilla.redhat.com/1807707
https://bugzilla.redhat.com/1815470
https://bugzilla.redhat.com/1815495
https://bugzilla.redhat.com/1816330
https://bugzilla.redhat.com/1816332
https://bugzilla.redhat.com/1816337
https://bugzilla.redhat.com/1816340
https://bugzilla.redhat.com/1825714
https://bugzilla.redhat.com/1828476
https://bugzilla.redhat.com/1834512
Plugin 詳細資訊
嚴重性: Critical
ID: 140390
檔案名稱: redhat-RHSA-2020-3638.nasl
版本: 1.9
類型: local
代理程式: unix
已發布: 2020/9/8
已更新: 2024/2/21
支援的感應器: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
風險資訊
VPR
風險因素: Medium
分數: 6.7
CVSS v2
風險因素: High
基本分數: 7.5
時間分數: 5.9
媒介: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 評分資料來源: CVE-2020-8840
CVSS v3
風險因素: Critical
基本分數: 9.8
時間分數: 8.8
媒介: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
時間媒介: CVSS:3.0/E:P/RL:O/RC:C
CVSS 評分資料來源: CVE-2020-9548
弱點資訊
CPE: cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:eap7-dom4j, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-hal-console, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider, p-cpe:/a:redhat:enterprise_linux:eap7-undertow, p-cpe:/a:redhat:enterprise_linux:eap7-undertow-server, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb, p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta, p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core, p-cpe:/a:redhat:enterprise_linux:eap7-weld-web, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client
必要的 KB 項目: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
可被惡意程式利用: true
可輕鬆利用: Exploits are available
修補程式發佈日期: 2020/9/7
弱點發布日期: 2020/2/10
參考資訊
CVE: CVE-2019-14900, CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-14297, CVE-2020-14307, CVE-2020-1695, CVE-2020-1710, CVE-2020-1748, CVE-2020-6950, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548