vulnerability
Red Hat JBoss EAP: CVE-2016-2141: Other
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jun 23, 2016 | Sep 19, 2024 | Jun 19, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jun 23, 2016
Added
Sep 19, 2024
Modified
Jun 19, 2025
Description
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.. It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
Solution
red-hat-jboss-eap-upgrade-latest
References
- CVE-2016-2141
- https://attackerkb.com/topics/CVE-2016-2141
- URL-https://access.redhat.com/security/cve/CVE-2016-2141
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=1313589
- URL-https://access.redhat.com/errata/RHSA-2016:1328
- URL-https://access.redhat.com/errata/RHSA-2016:1329
- URL-https://access.redhat.com/errata/RHSA-2016:1330
- URL-https://access.redhat.com/errata/RHSA-2016:1331
- URL-https://access.redhat.com/errata/RHSA-2016:1332
- URL-https://access.redhat.com/errata/RHSA-2016:1333
- URL-https://access.redhat.com/errata/RHSA-2016:1432
- URL-https://access.redhat.com/errata/RHSA-2016:1433
- URL-https://access.redhat.com/errata/RHSA-2016:1434
- URL-https://access.redhat.com/errata/RHSA-2016:1435
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.