An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges.
[
{
"product": "JBoss",
"vendor": "JBoss AS 7",
"versions": [
{
"status": "affected",
"version": "AS 7 Community Release"
}
]
}
]