- Vulnerability/
- RHSA-2020:2783
RHSA-2020:2783: Important: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
First published: Wed Jul 01 2020(Updated: )
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.<br>This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.<br>Security Fix(es):<br><li> jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)</li> <li> JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)</li> For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.<br>All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JBoss Enterprise Application Platform |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1700855
- https://bugzilla.redhat.com/show_bug.cgi?id=1708467
- https://bugzilla.redhat.com/show_bug.cgi?id=1770615
- https://bugzilla.redhat.com/show_bug.cgi?id=1772542
- https://bugzilla.redhat.com/show_bug.cgi?id=1806398
- https://bugzilla.redhat.com/show_bug.cgi?id=1816579
- https://bugzilla.redhat.com/show_bug.cgi?id=1816629
- https://bugzilla.redhat.com/show_bug.cgi?id=1819214
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4
- https://access.redhat.com/errata/RHSA-2020:2783 (Advisory)
Frequently Asked Questions
What is the severity of RHSA-2020:2783?
The severity of RHSA-2020:2783 is classified as moderate.
How do I fix RHSA-2020:2783?
To fix RHSA-2020:2783, it is recommended to update the Red Hat JBoss Enterprise Application Platform to version 6.4.23.
What issues does RHSA-2020:2783 address?
RHSA-2020:2783 addresses various vulnerabilities in the Red Hat JBoss Enterprise Application Platform, enhancing its security profile.
When was RHSA-2020:2783 released?
RHSA-2020:2783 was released on December 8, 2020.
Is RHSA-2020:2783 applicable to all versions of JBoss?
RHSA-2020:2783 is specifically applicable to Red Hat JBoss Enterprise Application Platform version 6.4.22 and earlier.
- agent/severity
- agent/references
- agent/type
- agent/event
- agent/last-modified-date
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2020:2783
- agent/first-publish-date
- agent/trending
- agent/title
- agent/remedy
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/jboss enterprise application platform