Vulnerabilities > Redhat > Jboss Enterprise Application Platform > 7.2.5

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-10	CVE-2022-0866	Incorrect Authorization vulnerability in Redhat products This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. network low complexity redhat CWE-863	5.3
2020-01-23	CVE-2019-14885	Information Exposure Through Log Files vulnerability in Redhat products A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. network low complexity redhat CWE-532	4.3
2019-10-14	CVE-2019-14838	Improper Privilege Management vulnerability in Redhat products A flaw was found in wildfly-core before 7.2.5.GA. network low complexity redhat CWE-269	4.9
2018-09-11	CVE-2016-7066	Permission Issues vulnerability in Redhat Jboss Enterprise Application Platform It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. local low complexity redhat CWE-275	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.