CVE-2016-7061

3.5LOW

Key Information:

Vendor: Red Hat
Status: Eap
Vendor: CVE Published:; 10 September 2018

Summary

An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.

Affected Version(s)

EAP 7.0.4

References

http://rhn.redhat.com/errata/RHSA-2017-0250.html

vendor-advisoryx_refsource_REDHAT

http://rhn.redhat.com/errata/RHSA-2017-0171.html

vendor-advisoryx_refsource_REDHAT

https://access.redhat.com/errata/RHSA-2017:3458

vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 10, 2018
Vulnerability Reserved
Aug 23, 2016

Collectors

NVD DatabaseMitre Database

.