Red Hat · Red Hat Jboss Enterprise Application Platform · CVE-2012-3427
**Name of the Vulnerable Software and Affected Versions**
JBoss Enterprise Application Platform (EAP) version 5.1.2
**Description**
The issue allows local users to read sensitive information, including Amazon Web Services (AWS) credentials, by accessing files in the /var/cache/jboss-ec2-eap/ directory due to the use of 755 permissions.
**Recommendations**
For JBoss Enterprise Application Platform (EAP) version 5.1.2, consider changing the permissions of the /var/cache/jboss-ec2-eap/ directory to prevent local users from reading sensitive information.