VYPR
Unrated severityNVD Advisory· Published Feb 13, 2015· Updated Jun 17, 2026

CVE-2014-7827

CVE-2014-7827

Description

The org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*range: <=6.3.2
    • (no CPE)range: <6.3.3

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.