What is CVE-2016-2141?

CVE-2016-2141 is a critical-severity vulnerability in Redhat Enterprise_linux. CVSS score: 9.8/10. Published 2016-06-30.

How severe is CVE-2016-2141?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Redhat Enterprise_linux

CVE-2016-2141

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive…

EPSS: 0.023 (85.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Redhat Enterprise_linux — versions 5.0, 6.0, 7.0
Redhat Jboss_enterprise_application_platform — versions 5.2, 6.4, 7.0
Redhat Jgroups
N/a — versions n/a

References

RHSA-2016:1347 (vendor-advisory, Vendor Advisory)
RHSA-2016:2035 (vendor-advisory, Vendor Advisory)
RHSA-2016:1389 (vendor-advisory, Vendor Advisory)
RHSA-2016:1345 (vendor-advisory, Vendor Advisory)
RHSA-2016:1376 (vendor-advisory, Vendor Advisory)
RHSA-2016:1330 (vendor-advisory, Vendor Advisory)
RHSA-2016:1439 (vendor-advisory, Vendor Advisory)
RHSA-2016:1331 (vendor-advisory, Broken Link, Vendor Advisory)
91481 (VDB Entry, vdb-entry)
RHSA-2016:1434 (vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2016-2141?: CVE-2016-2141 is a critical-severity vulnerability in Redhat Enterprise_linux. CVSS score: 9.8/10. Published 2016-06-30.
How severe is CVE-2016-2141?: Critical severity. CVSS v3 base score is 9.8 out of 10.