51 matches found
IBM MQ Remote Code Execution Vulnerability
IBM MQ IBM WebSphere MQ is a messaging middleware product from IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. A remote code execution vulnerability exists in IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD, which is caused ...
The vulnerability of the Fabric Layer sub-component of the software package for building and deploying service-oriented architecture, Oracle SOA Suite, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Fabric Layer sub-component of the software package for building and deploying service-oriented architecture of Oracle SOA Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...
Unspecified Vulnerability in Oracle SOA Suite
Oracle Fusion Middleware is Oracle's business innovation platform for enterprise and cloud environments that provides middleware, software collections, and more.Oracle SOA Suite is one of the Service Oriented Architecture SOA components for building, deploying, and managing service-oriented...
CVE-2016-3496
Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to SOA Topology Viewer...
Toxy - Hackable Http Proxy To Simulate Server Failure Scenarios And Network Conditions
Toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions , built for node.js / io.js . It was mainly designed for fuzzing/evil testing purposes, when toxy becomes particularly useful to cover fault tolerance and resiliency...
WS-Attacker - Modular Framework for Web Services Penetration Testing
XML-based SOAP Web Services are a widely used technology, which allows the users to execute remote operations and transport arbitrary data. It is currently adapted in Service Oriented Architectures, cloud interfaces, management of federated identities, eGovernment, or millitary services. The wide...
Unspecified Vulnerability in Oracle SOA Suite Fabric Layer Subcomponent
Oracle SOA Suite is a comprehensive, hot-pluggable software suite for building, deploying, and managing service-oriented architectures SOA. A security vulnerability exists in the Oracle SOA Suite Fabric Layer subcomponent that could be exploited by remote attackers to compromise system...
JBoss: AuthorizationInterceptor allows JMX operation to proceed despite authorization failure
The AuthorizationInterceptor in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 does not properly restrict access, which allows remote authenticated users to bypass intended role restrictions and...
JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...
JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...
PT-2012-1581 · Red Hat +1 · Jboss Enterprise Portal Platform +3
Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Portal Platform versions prior to 5.2.2 BRMS Platform 5.3.0 before roll up patch 1 SOA Platform 5.3.0 before roll up patch 1 Description: A cross-site request forgery CSRF issue exists in the JMX Console, allowing remote...