{"id":"RHSA-2020:2063","summary":"Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2 security update","modified":"2026-03-18T10:03:38Z","published":"2024-09-13T19:58:18Z","upstream":["CVE-2018-14371","CVE-2019-10174"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:2063"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1607709"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1703469"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2063.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-14371"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-14371"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14371"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-10174"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-10174"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10174"}],"affected":[{"package":{"name":"eap7-glassfish-jsf","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-glassfish-jsf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.5-11.SP3_redhat_00009.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-cachestore-jdbc","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-cachestore-remote","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan-cachestore-remote"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-client-hotrod","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan-client-hotrod"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-commons","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan-commons"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-core","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-commons","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-spi","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-v53","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el6","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el6eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-glassfish-jsf","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-glassfish-jsf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.5-11.SP3_redhat_00009.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-cachestore-jdbc","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-cachestore-remote","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan-cachestore-remote"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-client-hotrod","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan-client-hotrod"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-commons","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan-commons"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-core","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-commons","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-spi","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-v53","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el7","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el7eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-glassfish-jsf","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-glassfish-jsf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.5-11.SP3_redhat_00009.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-cachestore-jdbc","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-cachestore-remote","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan-cachestore-remote"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-client-hotrod","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan-client-hotrod"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-commons","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan-commons"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-core","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-commons","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-spi","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}},{"package":{"name":"eap7-infinispan-hibernate-cache-v53","ecosystem":"Red Hat:jboss_enterprise_application_platform:7.2::el8","purl":"pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.3.9-1.Final_redhat_00001.1.el8eap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:2063.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}