Description
An elevated privileges issue exists in JBoss AS 7 Community Release due to an improper implementation of security context propagation. A thread reused from the thread pool still retains the security context of the process that last used it, which lets a local user obtain elevated privileges.
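The failure mode described above, reduced to a minimal illustration that is added here and is not JBoss AS code: `PRINCIPAL` is a hypothetical stand-in for a container's per-thread security context, and the `leaky` and `scoped` wrappers are assumed names showing the flawed pattern beside the hardened one.

```java
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.function.Function;

public class ContextLeakDemo {
    // Hypothetical per-thread security context (assumption, not a JBoss API).
    static final ThreadLocal<String> PRINCIPAL = new ThreadLocal<>();

    // Flawed: sets the caller's identity on the worker thread and never clears it.
    static Runnable leaky(String user) {
        return () -> PRINCIPAL.set(user);
    }

    // Hardened: restores the thread's previous state before it returns to the pool.
    static Runnable scoped(String user) {
        return () -> {
            String previous = PRINCIPAL.get();
            PRINCIPAL.set(user);
            try {
                // request work would run here as `user`
            } finally {
                if (previous == null) PRINCIPAL.remove();
                else PRINCIPAL.set(previous);
            }
        };
    }

    // Runs one task as "admin", then an unauthenticated task on the same
    // pooled thread, and returns the identity the second task observes.
    static String identitySeenByNextTask(Function<String, Runnable> wrap) throws Exception {
        ExecutorService pool = Executors.newFixedThreadPool(1); // one thread forces reuse
        try {
            pool.submit(wrap.apply("admin")).get();
            Callable<String> probe = PRINCIPAL::get;
            return pool.submit(probe).get();
        } finally {
            pool.shutdown();
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("leaky:  " + identitySeenByNextTask(ContextLeakDemo::leaky));
        System.out.println("scoped: " + identitySeenByNextTask(ContextLeakDemo::scoped));
    }
}
```

With the leaky wrapper the second task inherits the identity left on the pooled thread; with the scoped wrapper it sees no identity, which is the property a container must guarantee before returning a thread to the pool.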