RHEL 7:RHEL 7 上的 Red Hat JBoss Enterprise Application Platform 7.2.9 (RHSA-2020: 3638)
critical Nessus 插件 ID 140390
语言:
简介
远程 Red Hat 主机缺少一个或多个安全更新。描述
远程 Redhat Enterprise Linux 7 主机上安装的程序包受到 RHSA-2020: 3638 公告中提及的多个漏洞的影响。- hibernate:Hibernate ORM 中的 SQL 注入问题 (CVE-2019-14900)
- jackson-databind:未正确处理序列化小工具与类型之间的交互,这可能导致远程命令执行(CVE-2020-10672、CVE-2020-10673)
- dom4j: 默认 SAX 解析器中的 XML 外部实体漏洞 (CVE-2020-10683)
- Undertow:由于在 HTTP 请求中允许无效字符,导致 CVE-2017-2666 的修复不完整 (CVE-2020-10687)
- hibernate-validator:插入限制错误消息时未正确验证输入 (CVE-2020-10693)
- wildfly-elytron:使用 FORM 身份验证时的会话固定 (CVE-2020-10714)
- wildfly:通过 EmbeddedManagedProcess API 暴露了 TCCL 设置 (CVE-2020-10718)
- wildfly:Wildfly Enterprise Java Bean 中不安全的反序列化 (CVE-2020-10740)
- wildfly:某些 EJB 事务对象可能发生累积,从而导致拒绝服务 (CVE-2020-14297)
- wildfly:收到响应后,系统可能无法正确移除 EJB SessionOpenInvocations,从而导致拒绝服务 (CVE-2020-14307)
- resteasy:未正确验证 MediaTypeHeaderDelegate.java 类中的响应标头 (CVE-2020-1695)
- EAP:字段名称未按照 RFC7230 进行解析 (CVE-2020-1710)
- wildfly:使用替代保护域时,WildFlySecurityManager 中存在不当授权问题 (CVE-2020-1748)
- Mojarra:loc 参数或 con 参数导致的路径遍历,CVE-2018-14371 的不完整修复 (CVE-2020-6950)
- jackson-databind:缺少特定 xbean-reflect/JNDI 阻断 (CVE-2020-8840)
- jackson-databind:shaded-hikari-config 中的序列化小工具 (CVE-2020-9546)
- jackson-databind:ibatis-sqlmap 中的序列化小工具 (CVE-2020-9547)
- jackson-databind:anteros-core 中的序列化小工具 (CVE-2020-9548)
请注意,Nessus 尚未测试这些问题,而是只依据应用程序自我报告的版本号进行判断。
解决方案
更新受影响的程序包。另见
https://access.redhat.com/security/cve/CVE-2019-14900
https://access.redhat.com/security/cve/CVE-2020-1695
https://access.redhat.com/security/cve/CVE-2020-1710
https://access.redhat.com/security/cve/CVE-2020-1748
https://access.redhat.com/security/cve/CVE-2020-6950
https://access.redhat.com/security/cve/CVE-2020-8840
https://access.redhat.com/security/cve/CVE-2020-9546
https://access.redhat.com/security/cve/CVE-2020-9547
https://access.redhat.com/security/cve/CVE-2020-9548
https://access.redhat.com/security/cve/CVE-2020-10672
https://access.redhat.com/security/cve/CVE-2020-10673
https://access.redhat.com/security/cve/CVE-2020-10683
https://access.redhat.com/security/cve/CVE-2020-10687
https://access.redhat.com/security/cve/CVE-2020-10693
https://access.redhat.com/security/cve/CVE-2020-10714
https://access.redhat.com/security/cve/CVE-2020-10718
https://access.redhat.com/security/cve/CVE-2020-10740
https://access.redhat.com/security/cve/CVE-2020-14297
https://access.redhat.com/security/cve/CVE-2020-14307
https://access.redhat.com/errata/RHSA-2020:3638
https://bugzilla.redhat.com/1666499
https://bugzilla.redhat.com/1694235
https://bugzilla.redhat.com/1730462
https://bugzilla.redhat.com/1785049
https://bugzilla.redhat.com/1793970
https://bugzilla.redhat.com/1805006
https://bugzilla.redhat.com/1805501
https://bugzilla.redhat.com/1807707
https://bugzilla.redhat.com/1815470
https://bugzilla.redhat.com/1815495
https://bugzilla.redhat.com/1816330
https://bugzilla.redhat.com/1816332
https://bugzilla.redhat.com/1816337
https://bugzilla.redhat.com/1816340
https://bugzilla.redhat.com/1825714
https://bugzilla.redhat.com/1828476
https://bugzilla.redhat.com/1834512
插件详情
严重性: Critical
ID: 140390
文件名: redhat-RHSA-2020-3638.nasl
版本: 1.9
类型: local
代理: unix
发布时间: 2020/9/8
最近更新时间: 2024/2/21
支持的传感器: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
风险信息
VPR
风险因素: Medium
分数: 6.7
CVSS v2
风险因素: High
基本分数: 7.5
时间分数: 5.9
矢量: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 分数来源: CVE-2020-8840
CVSS v3
风险因素: Critical
基本分数: 9.8
时间分数: 8.8
矢量: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
时间矢量: CVSS:3.0/E:P/RL:O/RC:C
CVSS 分数来源: CVE-2020-9548
漏洞信息
CPE: cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:eap7-dom4j, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-hal-console, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider, p-cpe:/a:redhat:enterprise_linux:eap7-undertow, p-cpe:/a:redhat:enterprise_linux:eap7-undertow-server, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb, p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta, p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core, p-cpe:/a:redhat:enterprise_linux:eap7-weld-web, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client
必需的 KB 项: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
可利用: true
易利用性: Exploits are available
补丁发布日期: 2020/9/7
漏洞发布日期: 2020/2/10
参考资料信息
CVE: CVE-2019-14900, CVE-2020-10672, CVE-2020-10673, CVE-2020-10683, CVE-2020-10687, CVE-2020-10693, CVE-2020-10714, CVE-2020-10718, CVE-2020-10740, CVE-2020-14297, CVE-2020-14307, CVE-2020-1695, CVE-2020-1710, CVE-2020-1748, CVE-2020-6950, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548