PT-2018-4972 · Red Hat · Red Hat Jboss Enterprise Application Platform
Bharti Kundal
·
Publicado
2018-09-11
·
Atualizado
2019-10-09
·
CVE-2016-7066
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
JBoss Enterprise Application Platform versions prior to 7.1.0
Description
The issue arises from improper default permissions on the /tmp/auth directory, allowing any local user to connect to the CLI and execute arbitrary operations.
Recommendations
For versions prior to 7.1.0, update to version 7.1.0 or later to resolve the issue.
Correção
Incorrect Privilege Assignment
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Red Hat Jboss Enterprise Application Platform