← Zuruck zu CVEs
CVE-2016-2141
CRITICAL9.8
Beschreibung
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
CVE Details
CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht6/30/2016
Zuletzt geandert4/12/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
redhat:enterprise_linuxredhat:jboss_enterprise_application_platformredhat:jgroups
Referenzen
http://rhn.redhat.com/errata/RHSA-2016-1435.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2016-1439.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2016-2035.html(secalert@redhat.com)
http://www.securityfocus.com/bid/91481(secalert@redhat.com)
http://www.securitytracker.com/id/1036165(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1345(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1346(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1347(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1374(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1376(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1389(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1432(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1433(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2016:1434(secalert@redhat.com)
https://issues.jboss.org/browse/JGRP-2021(secalert@redhat.com)
https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E(secalert@redhat.com)
https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E(secalert@redhat.com)
https://rhn.redhat.com/errata/RHSA-2016-1328.html(secalert@redhat.com)
https://rhn.redhat.com/errata/RHSA-2016-1329.html(secalert@redhat.com)
https://rhn.redhat.com/errata/RHSA-2016-1330.html(secalert@redhat.com)
https://rhn.redhat.com/errata/RHSA-2016-1331.html(secalert@redhat.com)
https://rhn.redhat.com/errata/RHSA-2016-1332.html(secalert@redhat.com)
https://rhn.redhat.com/errata/RHSA-2016-1333.html(secalert@redhat.com)
https://rhn.redhat.com/errata/RHSA-2016-1334.html(secalert@redhat.com)
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2016-1435.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2016-1439.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2016-2035.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/91481(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1036165(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1345(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1346(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1347(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1374(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1376(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1389(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1432(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1433(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2016:1434(af854a3a-2127-422b-91ae-364da2661108)
https://issues.jboss.org/browse/JGRP-2021(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://rhn.redhat.com/errata/RHSA-2016-1328.html(af854a3a-2127-422b-91ae-364da2661108)
https://rhn.redhat.com/errata/RHSA-2016-1329.html(af854a3a-2127-422b-91ae-364da2661108)
https://rhn.redhat.com/errata/RHSA-2016-1330.html(af854a3a-2127-422b-91ae-364da2661108)
https://rhn.redhat.com/errata/RHSA-2016-1331.html(af854a3a-2127-422b-91ae-364da2661108)
https://rhn.redhat.com/errata/RHSA-2016-1332.html(af854a3a-2127-422b-91ae-364da2661108)
https://rhn.redhat.com/errata/RHSA-2016-1333.html(af854a3a-2127-422b-91ae-364da2661108)
https://rhn.redhat.com/errata/RHSA-2016-1334.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.