VYPR

Aqualogic Service Bus

by Bea

CVEs (2)

  • CVE-2007-0433Jan 23, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2, when using Active Directory LDAP for authentication, allows remote authenticated users to access the server even after the account has been disabled.

  • CVE-2007-0432Jan 23, 2007
    risk 0.00cvss epss 0.01

    BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a proxy service, which might allow remote attackers to bypass authorization policies and route requests to back-end services or conduct other unauthorized activities.