(We, too are RHEL7 although older version of CFE.)
This may be completely and totally unrelated. But I offer it on the tenuous off-chance that it might, perhaps, be relevant.
We had a one-off significant incident many months ago, whose root cause was a nasty network disruption. The observed net-effect symptom on many machines was that several vital CFE-maintained files (LDAP configs, etc.) became empty. (On repair of the underlying network issue, CFE on those machines then gradually repaired those files.)
During post-mortem review, one thing that we identified was that the affected (emptied) files were templated, traditional-style, and included the clause "edit_defaults => empty". The existence of that clause seems to have been ancient cargo-cult from one file, to another, to another, to another, etc. But if a file is templated, then that clause seems superfluous. And none of us could really explain or defend its ancient, cargo-cult presence.
We don't have an explanation for why CFE would have ended up emptying such files. But it did lead us to consider whether that "edit_defaults => empty" clause might be superfluous in templated files, and to start removing its instances. (We're also not sure whether that really would fully prevent the same effect under similar circumstances... nevertheless we're sure it would be no worse.. which was bad enough anyway!)
So if you are templating and if those templates say "edit_defaults => empty", I wonder whether something vaguely similar to this (which was for us a one-off major network disruption) might be involved.
As I say, probably totally unrelated, so don't let it distract.
-- David Lee