CVE-2016-7061
CVE-2016-7061
Vexday Risk Score
8Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 3.5EPSS 1.8%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
10 set 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Produtos afetados
Red Hat · EAPQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://rhn.redhat.com/errata/RHSA-2017-0170.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0171.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0172.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0173.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0244.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0245.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0246.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0247.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0250.htmlhttps://access.redhat.com/errata/RHSA-2017:3454https://access.redhat.com/errata/RHSA-2017:3455https://access.redhat.com/errata/RHSA-2017:3456