← back
CVE-2016-7066

CVE-2016-7066

EPSS 0.3%CWE-266
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
11 Sep 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.
Affected products
Red Hat · JBoss Enterprise Application Platform

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHSA-2017:3456https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066