CVE-2018-8034 - Vulnerability Details

- tomcat: Host name verification missing in WebSocket client

Description

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.

Published: 2018-08-01

Score: 7.5 High

EPSS: 11.7% Moderate

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Apache Software Foundation

Apache Tomcat

affected

Version	Status	Constraints
`9.0.0.M1 to 9.0.9`	affected	—
`8.5.0 to 8.5.31`	affected	—
`8.0.0.RC1 to 8.0.52`	affected	—
`7.0.35 to 7.0.88`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc2::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc3::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc4::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc6::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc7::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc8::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc9::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone10::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone11::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone12::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone13::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone14::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone15::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone16::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone17::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone18::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone19::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone2::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone20::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone21::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone22::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone23::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone24::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone25::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone26::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone27::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone3::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone4::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone5::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone6::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone7::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone8::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone9::::::

Configuration 2 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:oracle:retail_order_broker:5.1:::::::*
	cpe:2.3:a:oracle:retail_order_broker:5.2:::::::*
	cpe:2.3:a:oracle:retail_order_broker:15.0:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7
tomcat-0:7.0.76-9.el7	cpe:/o:redhat:enterprise_linux:7	RHSA-2019:2205	2019-08-06T00:00:00Z
Red Hat Enterprise Linux 8
pki-deps:10.6-8000020190524054914.55190bc5	cpe:/a:redhat:enterprise_linux:8	RHSA-2019:1529	2019-06-18T00:00:00Z
Red Hat Fuse 7.5.0
tomcat	cpe:/a:redhat:jboss_fuse:7	RHSA-2019:3892	2019-11-14T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4
jbossweb	cpe:/a:redhat:jboss_enterprise_application_platform:6.4	RHSA-2019:1162	2019-05-13T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5
apache-cxf-0:2.7.18-8.SP7_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
dom4j-eap6-0:1.6.1-22.redhat_9.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
hornetq-0:2.3.25-28.SP29_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
ironjacamar-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-appclient-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-appclient-0:7.5.22-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-bundles-0:7.5.22-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-cli-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-client-all-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-clustering-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-cmp-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-connector-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-console-0:2.5.19-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-controller-client-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-core-0:7.5.22-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-core-security-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-deployment-repository-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-deployment-scanner-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-domain-0:7.5.22-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-domain-http-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-domain-management-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-ee-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-ee-deployment-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-ejb3-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-embedded-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-host-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-jacorb-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-javadocs-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-jaxr-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-jaxrs-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-jdr-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-jpa-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-jsf-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-jsr77-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-logging-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-mail-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-management-client-content-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-messaging-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-modcluster-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-modules-eap-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-naming-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-network-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-osgi-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-osgi-service-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-picketlink-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-platform-mbean-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-pojo-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-process-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-product-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-protocol-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-remoting-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-sar-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-security-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-server-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-standalone-0:7.5.22-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-system-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-threads-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-transactions-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-version-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-web-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-webservices-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossas-welcome-content-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-weld-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-as-xts-0:7.5.22-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-hal-0:2.5.19-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jboss-remote-naming-0:1.0.15-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
jbossweb-0:7.5.30-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
resteasy-0:2.3.23-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2019:1159	2019-05-13T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6
apache-cxf-0:2.7.18-8.SP7_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
dom4j-eap6-0:1.6.1-22.redhat_9.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
hornetq-0:2.3.25-28.SP29_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
ironjacamar-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-appclient-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-appclient-0:7.5.22-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-bundles-0:7.5.22-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-cli-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-client-all-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-clustering-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-cmp-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-connector-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-console-0:2.5.19-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-controller-client-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-core-0:7.5.22-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-core-security-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-deployment-repository-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-deployment-scanner-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-domain-0:7.5.22-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-domain-http-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-domain-management-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-ee-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-ee-deployment-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-ejb3-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-embedded-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-host-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-jacorb-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-javadocs-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-jaxr-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-jaxrs-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-jdr-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-jpa-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-jsf-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-jsr77-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-logging-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-mail-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-management-client-content-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-messaging-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-modcluster-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-modules-eap-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-naming-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-network-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-osgi-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-osgi-service-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-picketlink-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-platform-mbean-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-pojo-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-process-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-product-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-protocol-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-remoting-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-sar-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-security-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-server-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-standalone-0:7.5.22-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-system-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-threads-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-transactions-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-version-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-web-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-webservices-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossas-welcome-content-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-weld-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-as-xts-0:7.5.22-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-hal-0:2.5.19-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jboss-remote-naming-0:1.0.15-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
jbossweb-0:7.5.30-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
resteasy-0:2.3.23-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2019:1160	2019-05-13T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7
apache-cxf-0:2.7.18-8.SP7_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
dom4j-eap6-0:1.6.1-22.redhat_9.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
hornetq-0:2.3.25-28.SP29_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
ironjacamar-eap6-0:1.0.43-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-appclient-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-appclient-0:7.5.22-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-bundles-0:7.5.22-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-cli-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-client-all-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-clustering-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-cmp-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-connector-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-console-0:2.5.19-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-controller-client-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-core-0:7.5.22-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-core-security-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-deployment-repository-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-deployment-scanner-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-domain-0:7.5.22-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-domain-http-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-domain-management-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-ee-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-ee-deployment-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-ejb3-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-embedded-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-host-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-jacorb-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-javadocs-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-jaxr-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-jaxrs-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-jdr-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-jpa-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-jsf-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-jsr77-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-logging-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-mail-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-management-client-content-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-messaging-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-modcluster-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-modules-eap-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-naming-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-network-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-osgi-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-osgi-service-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-picketlink-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-platform-mbean-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-pojo-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-process-controller-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-product-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-protocol-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-remoting-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-sar-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-security-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-server-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-standalone-0:7.5.22-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-system-jmx-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-threads-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-transactions-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-version-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-web-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-webservices-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossas-welcome-content-eap-0:7.5.22-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-weld-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-as-xts-0:7.5.22-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-hal-0:2.5.19-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jboss-remote-naming-0:1.0.15-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
jbossweb-0:7.5.30-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
resteasy-0:2.3.23-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2019:1161	2019-05-13T00:00:00Z
Red Hat JBoss Web Server 3.1
tomcat7	cpe:/a:redhat:jboss_enterprise_web_server:3.1	RHSA-2019:0130	2019-01-22T00:00:00Z
tomcat8	cpe:/a:redhat:jboss_enterprise_web_server:3.1	RHSA-2019:0130	2019-01-22T00:00:00Z
Red Hat JBoss Web Server 3 for RHEL 6
tomcat7-0:7.0.70-31.ep7.el6	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6	RHSA-2019:0131	2019-01-22T00:00:00Z
tomcat8-0:8.0.36-35.ep7.el6	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6	RHSA-2019:0131	2019-01-22T00:00:00Z
tomcat-native-0:1.2.17-18.redhat_18.ep7.el6	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6	RHSA-2019:0131	2019-01-22T00:00:00Z
Red Hat JBoss Web Server 3 for RHEL 7
tomcat7-0:7.0.70-31.ep7.el7	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7	RHSA-2019:0131	2019-01-22T00:00:00Z
tomcat8-0:8.0.36-35.ep7.el7	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7	RHSA-2019:0131	2019-01-22T00:00:00Z
tomcat-native-0:1.2.17-18.redhat_18.ep7.el7	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7	RHSA-2019:0131	2019-01-22T00:00:00Z
Red Hat JBoss Web Server 5.0
tomcat	cpe:/a:redhat:jboss_enterprise_web_server:5.0	RHSA-2019:0450	2019-03-04T00:00:00Z
Red Hat JBoss Web Server 5.0 on RHEL 6
jws5-ecj-0:4.6.1-6.redhat_1.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-javapackages-tools-0:3.4.1-5.15.10.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-jboss-logging-0:3.3.1-5.Final_redhat_1.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-mod_cluster-0:1.4.0-9.Final_redhat_1.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-tomcat-0:9.0.7-17.redhat_16.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-tomcat-native-0:1.2.17-26.redhat_26.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-tomcat-vault-0:1.1.7-5.Final_redhat_2.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHSA-2019:0451	2019-03-04T00:00:00Z
Red Hat JBoss Web Server 5.0 on RHEL 7
jws5-ecj-0:4.6.1-6.redhat_1.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-javapackages-tools-0:3.4.1-5.15.10.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-jboss-logging-0:3.3.1-5.Final_redhat_1.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-mod_cluster-0:1.4.0-9.Final_redhat_1.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-tomcat-0:9.0.7-17.redhat_16.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-tomcat-native-0:1.2.17-26.redhat_26.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHSA-2019:0451	2019-03-04T00:00:00Z
jws5-tomcat-vault-0:1.1.7-5.Final_redhat_2.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHSA-2019:0451	2019-03-04T00:00:00Z

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-1453-1	tomcat7 security update
Debian DLA	DLA-1491-1	tomcat8 security update
Debian DSA	DSA-4281-1	tomcat8 security update
Github GHSA	GHSA-46j3-r4pj-4835	The host name verification missing in Apache Tomcat
Ubuntu USN	USN-3723-1	Tomcat vulnerabilities

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.11721.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722091057.GA70283%40minotaur.apache.org%3E
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/104895
http://www.securitytracker.com/id/1041374
https://access.redhat.com/errata/RHSA-2019:0130
https://access.redhat.com/errata/RHSA-2019:0131
https://access.redhat.com/errata/RHSA-2019:0450
https://access.redhat.com/errata/RHSA-2019:0451
https://access.redhat.com/errata/RHSA-2019:1159
https://access.redhat.com/errata/RHSA-2019:1160
https://access.redhat.com/errata/RHSA-2019:1161
https://access.redhat.com/errata/RHSA-2019:1162
https://access.redhat.com/errata/RHSA-2019:1529
https://access.redhat.com/errata/RHSA-2019:2205
https://access.redhat.com/errata/RHSA-2019:3892
https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2018/07/msg00047.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2018-8034
https://security.netapp.com/advisory/ntap-20180817-0001/
https://usn.ubuntu.com/3723-1/
https://www.cve.org/CVERecord?id=CVE-2018-8034
https://www.debian.org/security/2018/dsa-4281
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

History

Mon, 21 Oct 2024 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

Apache Tomcat

Canonical Ubuntu Linux

Debian Debian Linux

Oracle Retail Order Broker

Redhat Enterprise Linux Jboss Enterprise Application Platform Jboss Enterprise Web Server Jboss Fuse

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2018-08-01T18:00:00.000Z

Updated: 2024-10-21T16:09:49.791Z

Reserved: 2018-03-09T00:00:00.000Z

Link: CVE-2018-8034

Vulnrichment

Updated: 2024-08-05T06:46:12.214Z

NVD

Status : Modified

Published: 2018-08-01T18:29:00.313

Modified: 2024-11-21T04:13:08.547

Link: CVE-2018-8034

Redhat

Severity : Low

Publid Date: 2018-07-22T00:00:00Z

Links: CVE-2018-8034 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object