Information Disclosure Vulnerability in JBoss Enterprise Application Platform Allows Unauthorized Access to Sensitive Data

Information Disclosure Vulnerability in JBoss Enterprise Application Platform Allows Unauthorized Access to Sensitive Data

CVE-2016-7061 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.

Learn more about our User Device Pen Test.