{"id":"RHSA-2017:2809","summary":"Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update","modified":"2026-03-18T10:02:11Z","published":"2024-09-29T17:11:14Z","upstream":["CVE-2014-9970","CVE-2015-6644","CVE-2017-2582","CVE-2017-5645","CVE-2017-7536"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2809"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410481"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443635"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1444015"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1455566"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1465573"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/JBEAP-11484"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2809.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2014-9970"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2014-9970"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9970"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-6644"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-6644"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-6644"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-2582"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-2582"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2582"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-5645"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-5645"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5645"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-7536"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-7536"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7536"}],"affected":[{"package":{"name":"eap7-artemis-native","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-artemis-native"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1.0-13.redhat_4.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-artemis-native-wildfly","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-artemis-native-wildfly"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1.0-13.redhat_4.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-bouncycastle","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-bouncycastle"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.56.0-3.redhat_2.2.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-bouncycastle-mail","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-bouncycastle-mail"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.56.0-3.redhat_2.2.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-bouncycastle-pkix","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-bouncycastle-pkix"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.56.0-3.redhat_2.2.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-bouncycastle-prov","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-bouncycastle-prov"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.56.0-3.redhat_2.2.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-hibernate-validator","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-hibernate-validator"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.2.5-2.Final_redhat_2.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-hibernate-validator-cdi","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-hibernate-validator-cdi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.2.5-2.Final_redhat_2.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jasypt","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jasypt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.2-2.redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-jms-api_2.0_spec","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-jms-api_2.0_spec"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-logmanager","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-logmanager"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.7-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-metadata","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-metadata"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.2-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-metadata-appclient","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-metadata-appclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.2-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-metadata-common","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-metadata-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.2-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-metadata-ear","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-metadata-ear"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.2-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-metadata-ejb","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-metadata-ejb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.2-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-metadata-web","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-metadata-web"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.2-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-remote-naming","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-remote-naming"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.5-1.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-jboss-remoting","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-jboss-remoting"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.0.24-1.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-log4j-jboss-logmanager","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-log4j-jboss-logmanager"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1.4-2.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-api","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-bindings","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-bindings"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-common","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-config","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-config"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-federation","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-federation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-idm-api","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-idm-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-idm-impl","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-idm-impl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-idm-simple-schema","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-idm-simple-schema"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-impl","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-impl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-picketlink-wildfly8","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-picketlink-wildfly8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.5-9.SP8_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-undertow","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-undertow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.3.31-1.Final_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-wildfly","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-wildfly"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.8-4.GA_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-wildfly-javadocs","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-wildfly-javadocs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.8-1.GA_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}},{"package":{"name":"eap7-wildfly-modules","ecosystem":"Red Hat:jboss_enterprise_application_platform:7::el6","purl":"pkg:rpm/redhat/eap7-wildfly-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.8-4.GA_redhat_1.1.ep7.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:2809.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}