CVE-2017-12149
Red Hat JBoss Application Server Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
90.7%
p100
KEV
YES
Dec 10, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
90.7%EPSS · 30 days90.7%
2026-06-302026-07-16
Product
Red Hat / JBoss Application Server
Vulnerability
Red Hat JBoss Application Server Remote Code Execution Vulnerability
Added to KEV
Dec 10, 2021
Remediate by
Jun 10, 2022
Known ransomware use
Yes
Summary description
The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-12149
No related CVEs by CWE or product.