Lucene search
RedhatCVELIST:CVE-2014-7827HistoryFeb 13, 2015 - 3:00 p.m.
CVE-2014-7827
2015-02-1315:00:00
redhat
raw.githubusercontent.com
4
The org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain.
Related
prion
prion
Design/Logic Flaw
2015-02-13 15:59:00
veracode
veracode
Authorization Bypass
2019-01-15 09:04:30
cve
cve
CVE-2014-7827
2015-02-13 15:59:04
nessus
nessus
RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.3.3 update (Moderate) (RHSA-2015:0216)
2015-02-13 00:00:00
RHEL 7 : JBoss EAP (RHSA-2015:0218)
2015-09-01 00:00:00
RHEL 6 : JBoss EAP (RHSA-2015:0217)
2015-02-13 00:00:00
redhat
redhat