JBoss Enterprise Application Platform: JBoss EAP: JBEAP: JBoss Enterprise Application Platform: Unauthorized EJB access via authorization module bypass

A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans EJB access, the system does not correctly call the necessary authorization modules. This prevents Java Authorization Contract for Containers JACC permissions from being...