Red Hat · Red Hat Jboss Enterprise Application Platform · CVE-2016-5406
**Name of the Vulnerable Software and Affected Versions**
Red Hat JBoss Enterprise Application Platform (EAP) versions prior to 7.0.2
**Description**
The issue concerns the domain controller in Red Hat JBoss Enterprise Application Platform (EAP), where remote authenticated users can gain privileges. This is due to the failure to propagate administrative Role-Based Access Control (RBAC) configuration to all slaves, which can be leveraged by attackers.
**Recommendations**
For versions prior to 7.0.2, update to version 7.0.2 or later to resolve the issue.