vulnerability

Red Hat JBoss EAP: CVE-2016-2141: Other

Name: Red Hat JBoss EAP: CVE-2016-2141: Other
Creator: Red Hat
Published: 2016-06-23T00:00:00.000Z
Keywords: CVE, Red Hat JBoss EAP, 2016, 2141, Other, red-hat-jboss-eap-upgrade-latest, Severity 7

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Jun 23, 2016

Added

Sep 19, 2024

Modified

Jun 19, 2025

Description

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.. It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.

Solution

red-hat-jboss-eap-upgrade-latest

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report