9.8

CVE-2016-2141

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatJgroups Version < 4.0
RedhatJboss Enterprise Application Platform Version5.2
   RedhatEnterprise Linux Version5.0
   RedhatEnterprise Linux Version6.0
   RedhatEnterprise Linux Version7.0
RedhatJboss Enterprise Application Platform Version6.4
   RedhatEnterprise Linux Version5.0
   RedhatEnterprise Linux Version6.0
   RedhatEnterprise Linux Version7.0
RedhatJboss Enterprise Application Platform Version7.0
   RedhatEnterprise Linux Version5.0
   RedhatEnterprise Linux Version6.0
   RedhatEnterprise Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.7% 0.906
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Patch
Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1376
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-2035.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-1435.html
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:1432
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:1433
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:1434
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-1439.html
Vendor Advisory
http://www.securityfocus.com/bid/91481
VDB Entry
http://www.securitytracker.com/id/1036165
Third Party Advisory
Broken Link
VDB Entry
https://access.redhat.com/errata/RHSA-2016:1345
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:1346
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:1347
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:1374
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:1389
Vendor Advisory
https://issues.jboss.org/browse/JGRP-2021
Vendor Advisory
Issue Tracking
https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E
https://rhn.redhat.com/errata/RHSA-2016-1328.html
Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2016-1329.html
Vendor Advisory
Broken Link
https://rhn.redhat.com/errata/RHSA-2016-1330.html
Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2016-1331.html
Vendor Advisory
Broken Link
https://rhn.redhat.com/errata/RHSA-2016-1332.html
Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2016-1333.html
Vendor Advisory
Broken Link
https://rhn.redhat.com/errata/RHSA-2016-1334.html
Vendor Advisory