Launchpad.net

CVE 2016-7066

It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.

See the CVE page on Mitre.org for more details.

References