{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-06-11T00:00:00", "descriptions": [{"lang": "en", "value": "The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote authenticated users to gain access to restricted application resources via a (1) direct request or (2) request through an SP initiated flow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-08-26T18:57:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2015:1671", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1671.html"}, {"name": "RHSA-2015:1672", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1672.html"}, {"name": "RHSA-2015:1673", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1673.html"}, {"name": "RHSA-2015:1670", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1670.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/picketlink/picketlink-bindings/pull/124"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.jboss.org/browse/PLINK-708"}, {"name": "RHSA-2015:1669", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1669.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216123"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:39:31.599Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2015:1671", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1671.html"}, {"name": "RHSA-2015:1672", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1672.html"}, {"name": "RHSA-2015:1673", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1673.html"}, {"name": "RHSA-2015:1670", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1670.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/picketlink/picketlink-bindings/pull/124"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.jboss.org/browse/PLINK-708"}, {"name": "RHSA-2015:1669", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1669.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216123"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-3158", "datePublished": "2015-08-26T19:00:00", "dateReserved": "2015-04-10T00:00:00", "dateUpdated": "2024-08-06T05:39:31.599Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:picketlink:picketlink:*:cr3:*:*:*:*:*:*", "matchCriteriaId": "83CEC199-4353-42BF-B562-23CA949FF5FC", "versionEndIncluding": "2.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote authenticated users to gain access to restricted application resources via a (1) direct request or (2) request through an SP initiated flow."}, {"lang": "es", "value": "Vulnerabilidad en la funci\u00f3n invokeNextValve en identity/federation/bindings/tomcat/idp/AbstractIDPValve.java en PicketLink en versiones anteriores a 2.8.0.Beta1, no verifica adecuadamente la autorizaci\u00f3n basada en un rol, lo que permite a usuarios remotos autenticados obtener acceso a recursos de aplicaciones restringidos a trav\u00e9s de una (1) petici\u00f3n directa o (2) petici\u00f3n a trav\u00e9s de un flujo SP iniciado."}], "id": "CVE-2015-3158", "lastModified": "2015-08-27T14:00:51.167", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-08-26T19:59:01.690", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1669.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1670.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1671.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1672.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1673.html"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216123"}, {"source": "secalert@redhat.com", "url": "https://github.com/picketlink/picketlink-bindings/pull/124"}, {"source": "secalert@redhat.com", "url": "https://issues.jboss.org/browse/PLINK-708"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2015:1672", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4", "package": "picketlink", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "glassfish-jsf-eap6-0:2.1.28-9.redhat_10.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hibernate4-eap6-0:4.2.20-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hornetq-0:2.3.25-4.SP3_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-appclient-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-appclient-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-bundles-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cli-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-client-all-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-clustering-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cmp-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-configadmin-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-connector-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-console-0:2.5.6-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-client-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-core-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-core-security-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-repository-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-scanner-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-domain-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-http-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-management-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-deployment-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ejb3-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-embedded-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-host-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jacorb-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-javadocs-0:7.5.3-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxr-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxrs-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jdr-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jmx-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jpa-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsf-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsr77-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-logging-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-mail-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-management-client-content-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-messaging-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-modcluster-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-modules-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-naming-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-network-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-configadmin-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-service-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-picketlink-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-platform-mbean-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-pojo-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-process-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-product-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-protocol-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-remoting-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-sar-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-security-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-server-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-standalone-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-system-jmx-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-threads-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-transactions-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-version-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-web-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-webservices-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-welcome-content-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-weld-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-xts-0:7.5.3-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-hal-0:2.5.6-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-modules-0:1.3.7-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossts-1:4.17.30-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossweb-0:7.5.10-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "picketlink-bindings-0:2.5.4-8.SP7_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "picketlink-federation-0:2.5.4-8.SP7_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1669", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "resteasy-0:2.3.12-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "glassfish-jsf-eap6-0:2.1.28-9.redhat_10.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hibernate4-eap6-0:4.2.20-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hornetq-0:2.3.25-4.SP3_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-appclient-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-appclient-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-bundles-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cli-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-client-all-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-clustering-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cmp-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-configadmin-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-connector-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-console-0:2.5.6-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-client-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-core-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-core-security-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-repository-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-scanner-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-domain-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-http-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-management-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-deployment-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ejb3-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-embedded-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-host-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jacorb-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-javadocs-0:7.5.3-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxr-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxrs-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jdr-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jmx-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jpa-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsf-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsr77-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-logging-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-mail-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-management-client-content-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-messaging-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-modcluster-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-modules-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-naming-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-network-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-configadmin-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-service-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-picketlink-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-platform-mbean-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-pojo-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-process-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-product-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-protocol-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-remoting-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-sar-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-security-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-server-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-standalone-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-system-jmx-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-threads-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-transactions-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-version-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-web-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-webservices-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-welcome-content-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-weld-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-xts-0:7.5.3-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-hal-0:2.5.6-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-modules-0:1.3.7-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossts-1:4.17.30-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossweb-0:7.5.10-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "picketlink-bindings-0:2.5.4-8.SP7_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "picketlink-federation-0:2.5.4-8.SP7_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1670", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "resteasy-0:2.3.12-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1673", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-ec2-eap-0:7.5.3-1.Final_redhat_2.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "glassfish-jsf-eap6-0:2.1.28-9.redhat_10.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hibernate4-eap6-0:4.2.20-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hornetq-0:2.3.25-4.SP3_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-appclient-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-appclient-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-bundles-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cli-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-client-all-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-clustering-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cmp-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-configadmin-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-connector-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-console-0:2.5.6-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-client-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-core-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-core-security-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-repository-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-scanner-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-domain-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-http-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-management-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-deployment-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ejb3-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-embedded-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-host-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jacorb-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-javadocs-0:7.5.3-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxr-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxrs-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jdr-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jmx-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jpa-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsf-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsr77-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-logging-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-mail-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-management-client-content-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-messaging-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-modcluster-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-modules-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-naming-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-network-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-configadmin-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-service-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-picketlink-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-platform-mbean-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-pojo-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-process-controller-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-product-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-protocol-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-remoting-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-sar-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-security-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-server-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-standalone-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-system-jmx-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-threads-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-transactions-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-version-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-web-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-webservices-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-welcome-content-eap-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-weld-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-xts-0:7.5.3-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-hal-0:2.5.6-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-modules-0:1.3.7-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossts-1:4.17.30-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossweb-0:7.5.10-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "picketlink-bindings-0:2.5.4-8.SP7_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "picketlink-federation-0:2.5.4-8.SP7_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}, {"advisory": "RHSA-2015:1671", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "resteasy-0:2.3.12-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2015-08-24T00:00:00Z"}], "bugzilla": {"description": "PicketLink: PicketLink IDP ignores role based authorization", "id": "1216123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216123"}, "csaw": false, "cvss": {"cvss_base_score": "3.5", "cvss_scoring_vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "status": "verified"}, "details": ["The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote authenticated users to gain access to restricted application resources via a (1) direct request or (2) request through an SP initiated flow.", "A flaw was found in the PicketLink Identity Provider Configuration (IDP) where, under specific conditions, the IDP ignores role-based authorization. This could lead to an authenticated user being able to access application resources that are not permitted for a given role."], "name": "CVE-2015-3158", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:6", "fix_state": "Affected", "package_name": "picketlink", "product_name": "Red Hat BPM Suite 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:6", "fix_state": "Affected", "package_name": "picketlink", "product_name": "Red Hat JBoss BRMS 6"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:6", "fix_state": "Affected", "package_name": "picketlink", "product_name": "Red Hat JBoss Data Grid 6"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Affected", "package_name": "picketlink", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "fix_state": "Will not fix", "package_name": "picketlink", "product_name": "Red Hat JBoss Enterprise Application Platform 5"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Affected", "package_name": "picketlink", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Affected", "package_name": "picketlink", "product_name": "Red Hat JBoss Operations Network 3"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:6", "fix_state": "Affected", "package_name": "picketlink", "product_name": "Red Hat JBoss Portal 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_soa_platform:5", "fix_state": "Will not fix", "package_name": "picketlink", "product_name": "Red Hat JBoss SOA Platform 5"}], "public_date": "2015-06-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-3158\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-3158"], "threat_severity": "Moderate"}