CVE-2016-6330
published 2016-09-27CVE-2016-6330: The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote attackers…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3737.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |
| redhat | jboss_operations_network | — | — |