CVE-2016-7066

EPSS 0.3%CWE-266

It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.

Affected products

Red Hat · JBoss Enterprise Application Platform

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://access.redhat.com/errata/RHSA-2017:3456 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066