Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2014-0018
Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server when run under a security manager do not properly restrict access to the Modular Service Container (MSC) service registry which allows local users to modify the server via a crafted deployment.