Description

The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves.

Remediation

References

CVE-2016-5406

Related Vulnerabilities

WordPress Plugin SS Quiz Multiple Unspecified Vulnerabilities (1.12)

PostgreSQL Improper Access Control Vulnerability (CVE-2016-0768)

Joomla CVE-2021-26031 Vulnerability (CVE-2021-26031)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20357)

Oracle Database Server CVE-2022-21247 Vulnerability (CVE-2022-21247)

Severity

High

Classification

CVE-2016-5406 CWE-264 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities