VYPR

Webmethods Onedata

by Software AG

CVEs (2)

  • CVE-2023-0925CriSep 6, 2023
    risk 0.64cvss 9.8epss 0.01

    Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port). Port 2099 serves as a Java…

  • CVE-2023-6578HigDec 7, 2023
    risk 0.48cvss 7.3epss 0.01

    A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file…