Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1477

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2001-1477
Last Modified 05 Sep 2008 04:26:39
Published 31 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1477

Summary

The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.

Vulnerable Systems

Application

  • Bea Tuxedo 7.1


References

XF - bea-tuxedo-remote-access(6326)

CONFIRM - http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA00-08.jsp


Last Updated: 27 May 2016 10:36:41