📦

aqualogic_service_bus

Vendor: bea

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.94% Exploit Prob.

Latest CVE CVE-2007-0432 Jan 23

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2007-0432

BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a proxy service, which might allow remote attackers to bypass authorization policies and route requests to back-end services or conduct other unauthorized activities.

EPSS: 0.61%

Severity: HIGH

Jan 23, 2007

6.5 CVSS

CVE-2007-0433

Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2, when using Active Directory LDAP for authentication, allows remote authenticated users to access the server even after the account has been disabled.

EPSS: 1.27%

Severity: MEDIUM

Jan 23, 2007

Displaying 2 of 2 Total Entries

Total 1 Sections