All the vulnerabilites related to Red Hat, Inc. - Red Hat JBoss Enterprise Application Platform
cve-2017-12189
Vulnerability from cvelistv5
Published
2018-01-10 19:00
Modified
2024-08-05 18:28
Severity ?
EPSS score ?
Summary
It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189 | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2018:0002 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2018:0004 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2018:0003 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2018:0005 | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/102407 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Red Hat, Inc. | Red Hat JBoss Enterprise Application Platform |
Version: 7.0.7.GA |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:28:16.689Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189" }, { "name": "RHSA-2018:0002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "name": "RHSA-2018:0004", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "name": "RHSA-2018:0003", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "name": "RHSA-2018:0005", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "name": "102407", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102407" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Red Hat JBoss Enterprise Application Platform", "vendor": "Red Hat, Inc.", "versions": [ { "status": "affected", "version": "7.0.7.GA" } ] } ], "datePublic": "2017-10-09T00:00:00", "descriptions": [ { "lang": "en", "value": "It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-282", "description": "CWE-282", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-11T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189" }, { "name": "RHSA-2018:0002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "name": "RHSA-2018:0004", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "name": "RHSA-2018:0003", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "name": "RHSA-2018:0005", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "name": "102407", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102407" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-12189", "datePublished": "2018-01-10T19:00:00Z", "dateReserved": "2017-08-01T00:00:00", "dateUpdated": "2024-08-05T18:28:16.689Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }