Red Hat JBoss

Red Hat released a workaround for multiple JBoss products to mitigate a remote code execution vulnerability. Successful exploitation of this vulnerability could allow a remote threat actor to execute code within the Java Virtual Machine (JVM). If the affected user has administrator privileges, a threat actor could install programs or view, modify, or delete data. Affected systems include JBoss Enterprise SOA Platform 4 and 5, JBoss EAP 4 and 5, and JBoss BRMS 5. The NJCCIC recommends all users and administrators review Red Hat’s vulnerability page and apply the necessary workaround.