Back to bug 1401661
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Bharti Kundal | 2016-12-05 19:26:24 UTC | CC | security-response-team | |
| Bharti Kundal | 2016-12-05 19:26:38 UTC | Blocks | 1349683 | |
| Bharti Kundal | 2017-01-31 17:02:13 UTC | Link ID | JBoss Issue Tracker JBEAP-5177 | |
| Šimon Lukašík | 2017-11-01 10:06:48 UTC | CC | slukasik | |
| Bharti Kundal | 2017-12-04 06:48:11 UTC | Doc Text | It was found that the improper default permissions on /tmp/auth directory in EAP 7 can allow any local user to connect to CLI and allow the user to execute any arbitary operations. | |
| Bharti Kundal | 2017-12-04 09:07:07 UTC | Blocks | 1520314 | |
| Pedro Sampaio | 2017-12-04 14:30:40 UTC | Summary | EMBARGOED CVE-2016-7066 Any local users can connect to jboss-cli | EMBARGOED CVE-2016-7066 admin-cli: Any local users can connect to jboss-cli |
| Whiteboard | impact=important,public=no,reported=20160623,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected | impact=important,reported=20160622,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected | ||
| Eric Christensen | 2017-12-04 15:14:39 UTC | Whiteboard | impact=important,reported=20160622,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected | impact=important,reported=20160621,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected |
| Bharti Kundal | 2017-12-13 16:45:32 UTC | Group | security, qe_staff | |
| CC | bkundal, chazlett, dimitris, psotirop | |||
| Summary | EMBARGOED CVE-2016-7066 admin-cli: Any local users can connect to jboss-cli | CVE-2016-7066 admin-cli: Any local users can connect to jboss-cli | ||
| Whiteboard | impact=important,reported=20160621,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected | impact=important,public=20171213,reported=20160621,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected | ||
| Viliam Križan | 2018-02-12 10:34:33 UTC | Whiteboard | impact=important,public=20171213,reported=20160621,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected | impact=important,public=20171213,reported=20160623,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected |
| Andrej Nemec | 2018-09-11 12:18:59 UTC | Fixed In Version | eap 7.1.0 | |
| Andrej Nemec | 2018-09-11 12:19:43 UTC | Summary | CVE-2016-7066 admin-cli: Any local users can connect to jboss-cli | CVE-2016-7066 admin-cli: Any local users can connect to jboss-cli |
| Whiteboard | impact=important,public=20171213,reported=20160623,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,eap-7/admin-cli=affected | impact=important,public=20171213,reported=20160623,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,cwe=CWE-266,eap-7/admin-cli=affected | ||
| PnT Account Manager | 2018-10-19 21:38:51 UTC | CC | bkundal | |
| Sam Fowler | 2019-05-01 04:25:41 UTC | Doc Text | It was found that the improper default permissions on /tmp/auth directory in EAP 7 can allow any local user to connect to CLI and allow the user to execute any arbitary operations. | It was found that the improper default permissions on /tmp/auth directory in EAP 7 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. |
| Product Security DevOps Team | 2019-09-29 14:01:53 UTC | Whiteboard | impact=important,public=20171213,reported=20160623,source=redhat,cvss2=6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C,cwe=CWE-266,eap-7/admin-cli=affected | |
| PnT Account Manager | 2019-11-05 01:07:24 UTC | CC | psakar | |
| PnT Account Manager | 2020-10-16 22:25:28 UTC | CC | pgier | |
| PnT Account Manager | 2021-01-04 07:40:43 UTC | CC | slukasik | |
| Joshua Padman | 2021-10-21 11:48:17 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2021-10-21 11:48:17 UTC |
Back to bug 1401661