Information Disclosure Vulnerability in JBoss Enterprise Application Platform Allows Unauthorized Access to Sensitive Data
CVE-2016-7061 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
Learn more about our User Device Pen Test.