CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2016-5406

HIGH
8.8
CVSS Severity Score
EPSS Score0.1340%
EPSS Percentile31.52th
Published2016年9月26日
Last Modified2026年5月6日

Vulnerability Description

The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves.

Affected Platforms (CPE)

📦
Redhat

Jboss Enterprise Application Platform

<= 7.0.1

References & Advisories

🔗 http://rhn.redhat.com/errata/RHSA-2016-1838.html
🔗 http://rhn.redhat.com/errata/RHSA-2016-1839.html
🔗 http://rhn.redhat.com/errata/RHSA-2016-1840.html
🔗 http://rhn.redhat.com/errata/RHSA-2016-1841.html
🔗 https://access.redhat.com/errata/RHSA-2017:3454
🔗 https://access.redhat.com/errata/RHSA-2017:3455
🔗 https://access.redhat.com/errata/RHSA-2017:3456
🔗 https://access.redhat.com/errata/RHSA-2017:3458

相關漏洞威脅

CVE-2015-75019.8

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterp...

CVE-2017-121499.8

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in ...

CVE-2014-54019.8

Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that ...

CVE-2010-18718.8

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize i...