Back to search
CVE-2016-7061
Published: Sep 10, 2018
Modified: Aug 6, 2024
PUBLISHED
CVSS v3.0
3.5
LOW
Description
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
| Vendor | Product | Versions |
|---|---|---|
Red Hat | EAP | affected 7.0.4 |
Weaknesses (CWE)
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
References
RHSA-2017:0250
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0171
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3458
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0244
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0172
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0246
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3455
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3456
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7061
x_refsource_CONFIRM
94222
vdb-entry
x_refsource_BID
RHSA-2017:3454
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0170
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0245
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0247
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0173
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now