The data file used by PicketBox Vault to store encrypted passwords contains a copy of its own admin key. The file is encrypted using only this admin key, not the corresponding JKS key. A local attacker with permission to read the vault data file could read the admin key from the file, and use it to decrypt the file and read the stored passwords stored in cleartext.
This issue has been addressed in following products: Red Hat JBoss Enterprise Application Platform 6.1.1 Via RHSA-2013:1209 https://rhn.redhat.com/errata/RHSA-2013-1209.html
This issue has been addressed in following products: JBEAP 6 for RHEL 6 Via RHSA-2013:1208 https://rhn.redhat.com/errata/RHSA-2013-1208.html
This issue has been addressed in following products: JBEAP 6 for RHEL 5 Via RHSA-2013:1207 https://rhn.redhat.com/errata/RHSA-2013-1207.html
This issue has been addressed in following products: Red Hat JBoss Portal 6.1.0 Via RHSA-2013:1437 https://rhn.redhat.com/errata/RHSA-2013-1437.html
This issue has been addressed in following products: Red Hat JBoss Data Grid 6.2.0 Via RHSA-2014:0029 https://rhn.redhat.com/errata/RHSA-2014-0029.html