CVE-2016-7050

moderate-risk

Published 2017-06-08

SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.

Do I need to act?

0.58% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (4)

Enterprise Linux Server

Enterprise Linux Workstation

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Affected Vendors

Redhat

References (4)

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2016-2604.html

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1378613

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2016-2604.html

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1378613

/ 100

moderate-risk

Severity 32/34 · Critical

Exploitability 2/34 · Minimal

Exposure 10/34 · Low