The improper default permissions on /tmp/auth directory can allow any local user to connect to CLI and allow arbitary operations.
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform Via RHSA-2017:3456 https://access.redhat.com/errata/RHSA-2017:3456
Acknowledgments: Name: Jeremy Choi (Red Hat)