ID CVE-2017-12189
Summary It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 09-10-2019 - 23:22)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
  • Vector: LOCAL
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2018:0002
  • rhsa
    id RHSA-2018:0003
  • rhsa
    id RHSA-2018:0004
  • rhsa
    id RHSA-2018:0005
rpms
  • eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6
  • eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6
  • eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6
  • eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6
  • eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6
  • eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6
  • eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6
  • eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6
  • eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6
  • eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6
  • eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6
  • eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6
  • eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6
  • eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6
  • eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6
  • eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7
  • eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7
  • eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7
  • eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7
  • eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7
  • eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7
  • eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7
  • eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7
  • eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7
  • eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7
  • eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7
  • eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7
  • eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7
  • eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7
  • eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7
  • eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6
  • eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7
  • eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6
  • eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7
refmap via4
bid 102407
confirm https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189
Last major update 09-10-2019 - 23:22
Published 10-01-2018 - 19:29
Last modified 09-10-2019 - 23:22