2 matches found
CVE-2014-0169
In JBoss EAP 6 a security domain is configured to use a cache that is shared between all applications that are in the security domain. This could allow an authenticated user in one application to access protected resources in another application without proper authorization. Although this is an...
CVE-2014-0169
CVE-2014-0169 affects JBoss EAP 6: a security domain uses a cache shared across all applications in the domain, enabling an authenticated user from one application to access resources in another without proper authorization. Root cause cited as lack of clear documentation on cache isolation betwe...