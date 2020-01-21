Vigil@nce - Red Hat JBoss EAP: information disclosure via Vault System Property Security Attribute

February 2020 by Vigil@nce

This bulletin was written by Vigil@nce : https://vigilance.fr/offer/Computer...

SYNTHESIS OF THE VULNERABILITY

Impacted products: JBoss EAP by Red Hat.

Severity: 1/4.

Consequences: data reading.

Provenance: user account.

Confidence: confirmed by the editor (5/5).

Creation date: 21/01/2020.

DESCRIPTION OF THE VULNERABILITY

An attacker can bypass access restrictions to data via Vault System Property Security Attribute of Red Hat JBoss EAP, in order to obtain sensitive information.

ACCESS TO THE FULL VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/...