Back to bug 1313589
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jason Shepherd | 2016-03-02 00:53:24 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-02 00:53:24 UTC | Doc Type | --- | Bug Fix |
| Jason Shepherd | 2016-03-02 00:53:39 UTC | Blocks | 1283513 | |
| Jason Shepherd | 2016-03-02 00:56:33 UTC | Whiteboard | impact=critical,public=20160418,reported=20151116,source=SupportDelivery,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected | impact=critical,public=20160418,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected |
| Jason Shepherd | 2016-03-02 00:59:28 UTC | Alias | CVE-2016-2141 | |
| Jason Shepherd | 2016-03-02 00:59:36 UTC | Summary | EMBARGOED Authorization bypass in JGroups | EMBARGOED CVE-2016-2141 Authorization bypass in JGroups |
| Carlo de Wolf | 2016-03-02 08:36:59 UTC | See Also | https://bugzilla.redhat.com/show_bug.cgi?id=1285635 | |
| Carlo de Wolf | 2016-03-09 11:46:44 UTC | Link ID | JBoss Issue Tracker JBEAP-2072 | |
| Timothy Walsh | 2016-03-09 12:25:39 UTC | Link ID | JBoss Issue Tracker JGRP-2021 | |
| Chess Hazlett | 2016-03-09 12:58:53 UTC | Depends On | 1316113 | |
| Chess Hazlett | 2016-03-09 12:58:57 UTC | Depends On | 1316114 | |
| Chess Hazlett | 2016-03-09 12:59:03 UTC | Depends On | 1316115 | |
| Jason Shepherd | 2016-04-14 06:43:41 UTC | Whiteboard | impact=critical,public=20160418,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected |
| Jason Shepherd | 2016-04-21 23:46:13 UTC | Depends On | 1329429 | |
| Jason Shepherd | 2016-04-21 23:46:25 UTC | Depends On | 1329430 | |
| Jason Shepherd | 2016-04-21 23:50:15 UTC | Depends On | 1329432 | |
| Jason Shepherd | 2016-04-21 23:52:28 UTC | Depends On | 1329433 | |
| Jason Shepherd | 2016-04-21 23:59:26 UTC | Whiteboard | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,jdv-6/Clustering=affected |
| Jason Shepherd | 2016-04-21 23:59:37 UTC | CC | aszczucz, felias, hchiorea, jcoleman, jolee, mbaluch, nwallace, pavelp, vhalbert | |
| Jason Shepherd | 2016-04-22 00:03:22 UTC | Whiteboard | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,jdv-6/Clustering=affected | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected |
| Jason Shepherd | 2016-04-22 00:03:31 UTC | CC | aileenc, gvarsami, kconner, ldimaggi, rwagner, tcunning, tkirby | |
| Jason Shepherd | 2016-04-22 00:06:59 UTC | Whiteboard | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected |
| Jason Shepherd | 2016-04-22 02:16:01 UTC | Depends On | 1285635 | |
| Pavel Polischouk | 2016-04-22 02:28:07 UTC | Whiteboard | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected |
| Pavel Polischouk | 2016-04-22 02:28:19 UTC | CC | alazarot, etirelli, lpetrovi, mwinkler, rrajasek, rzhang | |
| Pavel Polischouk | 2016-04-22 02:30:31 UTC | Whiteboard | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected |
| Pavel Polischouk | 2016-04-22 02:31:50 UTC | Depends On | 1329456 | |
| Pavel Polischouk | 2016-04-22 02:31:57 UTC | Depends On | 1329457 | |
| Pavel Polischouk | 2016-04-22 02:32:07 UTC | Depends On | 1329458 | |
| Pavel Polischouk | 2016-04-22 02:32:15 UTC | Depends On | 1329459 | |
| Pavel Polischouk | 2016-04-22 02:32:22 UTC | Depends On | 1329460 | |
| Pavel Polischouk | 2016-04-22 02:32:29 UTC | Depends On | 1329461 | |
| Pavel Polischouk | 2016-04-22 02:32:37 UTC | Depends On | 1329462 | |
| Pavel Polischouk | 2016-04-22 02:32:45 UTC | Depends On | 1329463 | |
| Pavel Polischouk | 2016-04-22 02:32:52 UTC | Depends On | 1329464 | |
| Pavel Polischouk | 2016-04-22 03:02:49 UTC | Depends On | 1329470 | |
| Jason Shepherd | 2016-05-09 01:41:44 UTC | Whiteboard | impact=critical,public=20160509,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected | impact=critical,public=20160613,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected |
| Jason Shepherd | 2016-05-24 23:18:06 UTC | CC | msochure | |
| Chess Hazlett | 2016-05-25 20:38:03 UTC | CC | vkumar | |
| Timothy Walsh | 2016-05-26 05:47:06 UTC | Whiteboard | impact=critical,public=20160613,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected | impact=critical,public=20160613,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected |
| Timothy Walsh | 2016-05-26 05:47:18 UTC | CC | dosoudil, jshepherd | |
| Adam Mariš | 2016-06-13 09:04:20 UTC | Depends On | 1344753 | |
| Chess Hazlett | 2016-06-13 22:32:29 UTC | Doc Text | It was found that it was possible to bypass JGroups' encryption and authentication protocols. An attacker could use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. | |
| Chess Hazlett | 2016-06-14 18:44:16 UTC | Whiteboard | impact=critical,public=20160613,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected | impact=critical,public=no,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected |
| Eric Christensen | 2016-06-14 23:27:40 UTC | CC | sparks | |
| Flags | needinfo?(chazlett) | |||
| Eric Christensen | 2016-06-14 23:28:10 UTC | CC | sparks | |
| Horia Chiorean | 2016-06-15 14:02:04 UTC | CC | hchiorea | |
| Chess Hazlett | 2016-06-17 15:42:17 UTC | Whiteboard | impact=critical,public=no,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected | impact=critical,public=no,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected |
| Chess Hazlett | 2016-06-17 15:42:32 UTC | CC | bdawidow, hfnukal, jpallich, mweiler, theute | |
| Chess Hazlett | 2016-06-17 15:44:01 UTC | Depends On | 1347779 | |
| Chess Hazlett | 2016-06-17 15:44:07 UTC | Depends On | 1347780 | |
| Chess Hazlett | 2016-06-17 15:44:15 UTC | Depends On | 1347781 | |
| Chess Hazlett | 2016-06-17 16:38:15 UTC | Whiteboard | impact=critical,public=no,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected | impact=critical,public=no,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected |
| Chess Hazlett | 2016-06-20 16:11:22 UTC | Doc Text | It was found that it was possible to bypass JGroups' encryption and authentication protocols. An attacker could use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. | It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. |
| Flags | needinfo?(chazlett) | |||
| Pavel Polischouk | 2016-06-22 17:07:58 UTC | Whiteboard | impact=critical,public=no,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=notaffected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected | impact=critical,public=no,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected |
| Pavel Polischouk | 2016-06-22 18:37:49 UTC | Blocks | 1340536 | |
| Chess Hazlett | 2016-06-23 17:53:29 UTC | Whiteboard | impact=critical,public=no,reported=20151116,source=redhat,cvss2=9.0/AV:N/AC:L/Au:N/C:P/I:P/A:C,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected | impact=critical,public=no,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected |
| Chess Hazlett | 2016-06-23 17:53:41 UTC | Whiteboard | impact=critical,public=no,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected | impact=critical,public=no,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected |
| Pavel Polischouk | 2016-06-23 19:16:08 UTC | Depends On | 1288422 | |
| Chess Hazlett | 2016-06-23 20:27:09 UTC | Whiteboard | impact=critical,public=no,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected |
| Chess Hazlett | 2016-06-23 20:27:21 UTC | Summary | EMBARGOED CVE-2016-2141 Authorization bypass in JGroups | CVE-2016-2141 Authorization bypass in JGroups |
| Chess Hazlett | 2016-06-23 20:27:32 UTC | Group | security, qe_staff | |
| Jason Shepherd | 2016-06-24 05:19:38 UTC | Comment 28 is private | 1 | 0 |
| Jason Shepherd | 2016-06-29 02:28:58 UTC | Whiteboard | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Jason Shepherd | 2016-06-29 03:13:49 UTC | Whiteboard | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/netty=affected |
| Jason Shepherd | 2016-06-29 03:14:12 UTC | CC | jason.greene, jboss-set | |
| Jason Shepherd | 2016-06-29 03:15:29 UTC | Whiteboard | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/netty=affected | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Pavel Polischouk | 2016-07-07 23:00:19 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-07-07 19:00:19 UTC | |||
| Chess Hazlett | 2016-07-19 16:36:12 UTC | Blocks | 1357958 | |
| Chess Hazlett | 2016-07-19 18:58:36 UTC | Whiteboard | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,rhsso-7/Clustering=affected |
| Jason Shepherd | 2016-08-10 23:32:57 UTC | Blocks | 1366063 | |
| Hooman Broujerdi | 2016-10-03 23:53:03 UTC | Blocks | 1379523 | |
| Hooman Broujerdi | 2016-10-04 00:10:45 UTC | Blocks | 1379523 | |
| Hooman Broujerdi | 2016-10-04 00:19:14 UTC | Blocks | 1379523 | |
| Hooman Broujerdi | 2016-10-05 05:57:39 UTC | Blocks | 1381801 | |
| Bharti Kundal | 2017-12-04 09:07:07 UTC | Blocks | 1520314 | |
| Bharti Kundal | 2017-12-11 17:22:33 UTC | Blocks | 1520314 | |
| Chess Hazlett | 2019-01-23 05:00:23 UTC | Summary | CVE-2016-2141 Authorization bypass in JGroups | CVE-2016-2141 JGroups: Authorization bypass |
| Whiteboard | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,rhsso-7/Clustering=affected | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,rhsso-7/Clustering=affected,fuse-7/camel=notaffected | ||
| Product Security DevOps Team | 2019-09-29 13:45:06 UTC | Whiteboard | impact=critical,public=20160623,reported=20151116,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,cvss3=9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,eap-6/Clustering=affected,eap-5/Clustering=affected,eap-7/Clustering=affected,jdg-6/JGroups=affected,brms-5/Clustering=affected,brms-6/Clustering=affected,bpms-6/Clustering=affected,jdv-6/Clustering=affected,soap-5/Clustering=affected,fsw-6/Clustering=affected,jpp-6/Clustering=affected,rhev-m-3/distribution=notaffected,fuse-6/camel=affected/impact=moderate/cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P/cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,rhsso-7/Clustering=affected,fuse-7/camel=notaffected | |
| Jonathan Christison | 2020-07-06 12:53:19 UTC | Fixed In Version | jgroups-3.6.10.Final | |
| Jonathan Christison | 2020-07-06 17:27:22 UTC | CC | ataylor, ganandan, jochrist, jwon | |
| Stanislav Ochotnicky | 2020-12-15 08:51:07 UTC | See Also | https://issues.redhat.com/browse/ENTESB-5383 |
Back to bug 1313589