Description
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves.
Remediation
References
Related Vulnerabilities
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8623)
Drupal Core 7.x Information Disclosure (7.0 - 7.26)
WordPress Plugin Subscribe To Comments Reloaded Multiple Vulnerabilities (140204)
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)