What is the severity of CVE-2016-7061?

CVE-2016-7061 has a moderate severity rating due to its potential for exposing sensitive information.

How do I fix CVE-2016-7061?

To fix CVE-2016-7061, upgrade to JBoss Enterprise Application Platform version 7.0.4 or later.

What systems are affected by CVE-2016-7061?

CVE-2016-7061 affects all versions of JBoss Enterprise Application Platform prior to 7.0.4.

What type of vulnerability is CVE-2016-7061?

CVE-2016-7061 is an information disclosure vulnerability related to role-based access control.

Who can exploit CVE-2016-7061?

Users with the Monitor role in JBoss Enterprise Application Platform can exploit CVE-2016-7061 to access sensitive information.

Vulnerability/
CVE-2016-7061

medium

6.5

CWE

200

30/9/2016

10/9/2018

6/8/2024

CVE-2016-7061: Infoleak

First published: Fri Sep 30 2016(Updated: )

An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/eap	<7.0.4	7.0.4
Red Hat JBoss Enterprise Application Platform	<7.0.4
Red Hat Enterprise Linux	=6.0
Red Hat Enterprise Linux	=7.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-7061?
CVE-2016-7061 has a moderate severity rating due to its potential for exposing sensitive information.
How do I fix CVE-2016-7061?
To fix CVE-2016-7061, upgrade to JBoss Enterprise Application Platform version 7.0.4 or later.
What systems are affected by CVE-2016-7061?
CVE-2016-7061 affects all versions of JBoss Enterprise Application Platform prior to 7.0.4.
What type of vulnerability is CVE-2016-7061?
CVE-2016-7061 is an information disclosure vulnerability related to role-based access control.
Who can exploit CVE-2016-7061?
Users with the Monitor role in JBoss Enterprise Application Platform can exploit CVE-2016-7061 to access sensitive information.

agent/type
agent/first-publish-date
agent/references
agent/weakness
agent/author
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2016-7061
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/event
agent/softwarecombine
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/redhat
vendor/redhat
canonical/red hat jboss enterprise application platform
canonical/red hat enterprise linux
version/red hat enterprise linux/6.0
version/red hat enterprise linux/7.0

Frequently Asked Questions

What is the severity of CVE-2016-7061?
CVE-2016-7061 has a moderate severity rating due to its potential for exposing sensitive information.
How do I fix CVE-2016-7061?
To fix CVE-2016-7061, upgrade to JBoss Enterprise Application Platform version 7.0.4 or later.
What systems are affected by CVE-2016-7061?
CVE-2016-7061 affects all versions of JBoss Enterprise Application Platform prior to 7.0.4.
What type of vulnerability is CVE-2016-7061?
CVE-2016-7061 is an information disclosure vulnerability related to role-based access control.
Who can exploit CVE-2016-7061?
Users with the Monitor role in JBoss Enterprise Application Platform can exploit CVE-2016-7061 to access sensitive information.

CVE-2016-7061: Infoleak

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-7061?

How do I fix CVE-2016-7061?

What systems are affected by CVE-2016-7061?

What type of vulnerability is CVE-2016-7061?

Who can exploit CVE-2016-7061?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2016-7061?

How do I fix CVE-2016-7061?

What systems are affected by CVE-2016-7061?

What type of vulnerability is CVE-2016-7061?

Who can exploit CVE-2016-7061?