It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system.
History

Fri, 23 Aug 2024 09:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2018-07-26T17:00:00

Updated: 2024-08-05T18:28:16.591Z

Reserved: 2017-08-01T00:00:00

Link: CVE-2017-12167

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-26T17:29:00.253

Modified: 2024-11-21T03:08:58.203

Link: CVE-2017-12167

cve-icon Redhat

Severity : Moderate

Publid Date: 2017-09-14T00:00:00Z

Links: CVE-2017-12167 - Bugzilla