{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-02-13T00:00:00", "descriptions": [{"lang": "en", "value": "Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-04T17:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2014:0170", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0170.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783"}, {"name": "RHSA-2014:0172", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0172.html"}, {"name": "65591", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65591"}, {"name": "RHSA-2014:0171", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0171.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:58:26.525Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2014:0170", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0170.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783"}, {"name": "RHSA-2014:0172", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0172.html"}, {"name": "65591", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65591"}, {"name": "RHSA-2014:0171", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0171.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0018", "datePublished": "2014-02-14T15:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T08:58:26.525Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "82B6C055-25E2-4C78-ACA7-D722848BDBC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_wildfly_application_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F1EFA0C-9E51-47F2-A25C-F3564D7AACED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment."}, {"lang": "es", "value": "Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 y JBoss WildFly Application Server, cuando es ejecutado bajo un gestor de seguridad, no restringe debidamente el acceso al registro del servicio Modular Service Container (MSC), lo que permite a usuarios locales modificar el servidor a trav\u00e9s de una implementaci\u00f3n manipulada."}], "id": "CVE-2014-0018", "lastModified": "2017-01-07T02:59:14.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-02-14T15:55:05.343", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0170.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0171.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0172.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/65591"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Stuart Douglas (Red Hat).", "affected_release": [{"advisory": "RHSA-2014:1291", "cpe": "cpe:/a:redhat:jboss_bpms:6.0", "package": "jboss-as-server", "product_name": "Red Hat JBoss BPMS 6.0", "release_date": "2014-09-23T00:00:00Z"}, {"advisory": "RHSA-2014:1290", "cpe": "cpe:/a:redhat:jboss_brms:6.0", "package": "jboss-as-server", "product_name": "Red Hat JBoss BRMS 6.0", "release_date": "2014-09-23T00:00:00Z"}, {"advisory": "RHSA-2014:0172", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.2.1", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-javadocs-0:7.3.1-3.Final_redhat_3.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-javadocs-0:7.3.1-3.Final_redhat_3.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hornetq-0:2.3.14-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jacorb-jboss-0:2.3.2-13.redhat_6.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-appclient-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cli-0:7.3.1-4.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-client-all-0:7.3.1-4.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-clustering-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cmp-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-configadmin-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-connector-0:7.3.1-4.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-client-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-core-0:7.3.1-5.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-core-security-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-repository-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-scanner-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-http-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-management-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-deployment-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ejb3-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-embedded-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-host-controller-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jacorb-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-javadocs-0:7.3.1-3.Final_redhat_3.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxr-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxrs-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jdr-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jmx-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jpa-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsf-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsr77-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-logging-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-mail-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-management-client-content-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-messaging-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-modcluster-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-modules-eap-0:7.3.1-6.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-naming-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-network-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-0:7.3.1-4.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-configadmin-0:7.3.1-4.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-service-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-platform-mbean-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-pojo-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-process-controller-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-protocol-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-remoting-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-sar-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-security-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-server-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-system-jmx-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-threads-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-transactions-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-version-0:7.3.1-4.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-web-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-webservices-0:7.3.1-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-weld-0:7.3.1-4.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-xts-0:7.3.1-2.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-logmanager-0:1.5.2-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-marshalling-0:1.4.3-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossweb-0:7.3.0-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-xnio-base-0:3.0.9-1.GA_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "netty-0:3.6.7-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "picketbox-0:4.0.19-2.SP3_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "weld-core-0:1.1.17-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "xml-security-0:1.5.6-1.redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0170", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "xmltooling-0:1.3.4-5.redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hornetq-0:2.3.14-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jacorb-jboss-0:2.3.2-13.redhat_6.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-appclient-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cli-0:7.3.1-4.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-client-all-0:7.3.1-4.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-clustering-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cmp-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-configadmin-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-connector-0:7.3.1-4.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-client-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-core-0:7.3.1-5.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-core-security-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-repository-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-scanner-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-http-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-management-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-deployment-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ejb3-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-embedded-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-host-controller-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jacorb-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-javadocs-0:7.3.1-3.Final_redhat_3.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxr-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxrs-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jdr-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jmx-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jpa-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsf-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsr77-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-logging-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-mail-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-management-client-content-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-messaging-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-modcluster-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-modules-eap-0:7.3.1-6.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-naming-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-network-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-0:7.3.1-4.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-configadmin-0:7.3.1-4.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-service-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-platform-mbean-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-pojo-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-process-controller-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-protocol-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-remoting-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-sar-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-security-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-server-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-system-jmx-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-threads-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-transactions-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-version-0:7.3.1-4.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-web-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-webservices-0:7.3.1-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-weld-0:7.3.1-4.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-xts-0:7.3.1-2.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-logmanager-0:1.5.2-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-marshalling-0:1.4.3-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossweb-0:7.3.0-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-xnio-base-0:3.0.9-1.GA_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "netty-0:3.6.7-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "picketbox-0:4.0.19-2.SP3_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "weld-core-0:1.1.17-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "xml-security-0:1.5.6-1.redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:0171", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "xmltooling-0:1.3.4-5.redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6", "release_date": "2014-02-13T00:00:00Z"}, {"advisory": "RHSA-2014:1995", "cpe": "cpe:/a:redhat:jboss_fuse_service_works:6.0", "package": "jboss-as-server", "product_name": "Red Hat JBoss Fuse Service Works 6.0", "release_date": "2014-12-15T00:00:00Z"}, {"advisory": "RHSA-2015:1009", "cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:6.2", "package": "jboss-as-server", "product_name": "Red Hat JBoss Portal 6.2", "release_date": "2015-05-14T00:00:00Z"}], "bugzilla": {"description": "jboss-as-server: Unchecked access to MSC Service Registry under JSM", "id": "1052783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783"}, "csaw": false, "cvss": {"cvss_base_score": "1.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "status": "verified"}, "details": ["Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment.", "In Red Hat JBoss Enterprise Application Platform, when running under a security manager, it was possible for deployed code to get access to the Modular Service Container (MSC) service registry without any permission checks. This could allow malicious deployments to modify the internal state of the server in various ways."], "name": "CVE-2014-0018", "package_state": [{"cpe": "cpe:/a:redhat:jboss_data_grid:6", "fix_state": "Not affected", "package_name": "jboss-as-server", "product_name": "Red Hat JBoss Data Grid 6"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Not affected", "package_name": "jboss-as-server", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "fix_state": "Not affected", "package_name": "jboss-as-server", "product_name": "Red Hat JBoss Enterprise Application Platform 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "others", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Not affected", "package_name": "jboss-as-server", "product_name": "Red Hat JBoss Operations Network 3"}], "public_date": "2014-01-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-0018\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-0018"], "threat_severity": "Low"}