206 matches found
CVE-2023-6578
Summary (CVE-2023-6578) : Software AG WebMethods versions 10.11.x–10.15.x are affected by an access-control vulnerability in the wm.server/connect/ area. The issue allows remote access by manipulating access controls, potentially exposing internal IPs, ports, and versions when visiting /invoke/wm...
CVE-2023-6578 Software AG WebMethods access control
A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file like /assets/ a popup...
PT-2023-32705 · Software Ag · Software Ag Webmethods
Name of the Vulnerable Software and Affected Versions: Software AG WebMethods versions 10.11.x through 10.15.x Description: A critical vulnerability has been found, leading to improper access controls. The issue can be exploited remotely, and it appears that insufficient access control is dependi...
Software AG webMethods Access Control Error Vulnerability
Software AG webMethods is Software AG's suite of integration and application development tools used to help organizations with tasks such as application integration, data integration, business process management, and application development. webMethods is designed to help organizations better...
CVE-2023-0925
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry listening on TCP port 2099 by default and two RMI interfaces listening on a single, dynamically assigned TCP high port. Port 2099 serves as a Java Remote Method Invocation RMI...
CVE-2023-0925
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry listening on TCP port 2099 by default and two RMI interfaces listening on a single, dynamically assigned TCP high port. Port 2099 serves as a Java Remote Method Invocation RMI...
Code injection
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry listening on TCP port 2099 by default and two RMI interfaces listening on a single, dynamically assigned TCP high port. Port 2099 serves as a Java Remote Method Invocation RMI...
CVE-2023-0925 Software AG webMethods OneData Deserialization Vulnerability
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry listening on TCP port 2099 by default and two RMI interfaces listening on a single, dynamically assigned TCP high port. Port 2099 serves as a Java Remote Method Invocation RMI...
CVE-2023-0925
Summary (CVE-2023-0925): Software AG webMethods OneData 10.11 is exposed with an embedded Azul Zulu Java 11.0.15 that runs a Java RMI registry on port 2099 and two RMI interfaces on a high, dynamically assigned port. An unauthenticated attacker with network access to these ports can instruct the ...
CVE-2023-0925 Software AG webMethods OneData Deserialization Vulnerability
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry listening on TCP port 2099 by default and two RMI interfaces listening on a single, dynamically assigned TCP high port. Port 2099 serves as a Java Remote Method Invocation RMI...
PT-2023-16621 · Software Ag · Webmethods Onedata
Name of the Vulnerable Software and Affected Versions: webMethods OneData version 10.11 Description: The issue allows an unauthenticated attacker with network connectivity to the Java RMI registry and RMI interface ports to abuse the functionality and instruct the webMethods OneData application t...
Software AG webMethods 代码问题漏洞
Software AG webMethods is Software AG's suite of integration and application development tools used to help organizations with tasks such as application integration, data integration, business process management, and application development. webMethods is designed to help organizations better...
webMethods Glue <= 6.5.1 Console Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23423/info webMethods Glue is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the...
webMethods Security Advisory: Glue console directory traversal vu lnerability
======================================================================== webMethods Security Advisory Glue console directory traversal vulnerability Announced: 2007-04-17 Affects: webMethods Glue 4.x, 5.x, 6.x Severity: High I. Description On April 11 2007, Patrick Webster reported a vulnerabilit...
CVE-2007-2048
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. dot dot in the resource parameter...
CVE-2007-2048
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. dot dot in the resource parameter...
Directory traversal
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. dot dot in the resource parameter...
CVE-2007-2048
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. dot dot in the resource parameter...
CVE-2007-2048
CVE-2007-2048 affects webMethods Glue prior to and including 6.5.1, specifically the Management Console’s /console. The vulnerability arises from insufficient validation of the resource parameter, allowing a directory traversal via .. to read arbitrary server files. Impact is reading sensitive fi...
glue-lfi.txt
aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 11-Apr-2007 Software: webMethods - webMethods Glue Management Console http://www.webmethods.com/ "With webMethods Glue developers can easily create SOAP interfaces for their existing Java and C/C++...