It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.Referenceshttps://access.redhat.com/errata/RHSA-2017:3456https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066
