The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves.
https://bugzilla.redhat.com/show_bug.cgi?id=1359014
https://access.redhat.com/errata/RHSA-2017:3458
https://access.redhat.com/errata/RHSA-2017:3456
https://access.redhat.com/errata/RHSA-2017:3455
https://access.redhat.com/errata/RHSA-2017:3454
http://rhn.redhat.com/errata/RHSA-2016-1841.html
http://rhn.redhat.com/errata/RHSA-2016-1840.html