CVE: CVE-2023-4503

Descrizione: An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.

Vettore di attacco CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Riferimenti esterni

• https://access.redhat.com/errata/RHSA-2023:7637
• https://access.redhat.com/errata/RHSA-2023:7638
• https://access.redhat.com/errata/RHSA-2023:7639
• https://access.redhat.com/errata/RHSA-2023:7641
• https://access.redhat.com/security/cve/CVE-2023-4503
• https://bugzilla.redhat.com/show_bug.cgi?id=2184751

Prodotti interessati

• Red Hat – EAP 7.4.14
• Red Hat – Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
• Red Hat – Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
• Red Hat – Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
• Red Hat – Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
• Red Hat – Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
• Red Hat – Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
• Red Hat – Red Hat JBoss Enterprise Application Platform Expansion Pack

Relazioni con altri prodotti

Produttore:Red Hat
Prodotto: Red Hat JBoss Enterprise Application Platform Expansion Pack
Anno: 2023
CWE: CWE-665
CVSS: 0.0

Produttore:Red Hat
Prodotto: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
Anno: 2023
CWE: CWE-665
CVSS: 0.0

Produttore:Red Hat
Prodotto: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
Anno: 2023
CWE: CWE-665
CVSS: 0.0

Produttore:Red Hat
Prodotto: Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
Anno: 2023
CWE: CWE-665
CVSS: 0.0

Produttore:Red Hat
Prodotto: EAP 7.4.14
Anno: 2023
CWE: CWE-665
CVSS: 0.0

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2023)