CVE-2017-12189

Опубликовано: 10 янв. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.

Ссылки

http://www.securityfocus.com/bid/102407
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:0002
Patch
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0003
Patch
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0004
Patch
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0005
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189
Issue Tracking
Third Party Advisory
http://www.securityfocus.com/bid/102407
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:0002
Patch
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0003
Patch
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0004
Patch
Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0005
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12189
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00049

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-282

NVD-CWE-noinfo

Связанные уязвимости

CVE-2017-12189

CVSS3: 7

redhat

около 8 лет назад

GHSA-g689-52m8-86fh