CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-1477

The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.8%

CVSS Severity

CVSS v2 Score 4.6

References

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA00-08.jsp
https://exchange.xforce.ibmcloud.com/vulnerabilities/6326
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA00-08.jsp
https://exchange.xforce.ibmcloud.com/vulnerabilities/6326

Products affected by CVE-2001-1477

Bea » Tuxedo » Version: 7.1

cpe:2.3:a:bea:tuxedo:7.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1477

Products

Pricing

Contact Us