CVE-2023-0925

Summary (CVE-2023-0925): Software AG webMethods OneData 10.11 is exposed with an embedded Azul Zulu Java 11.0.15 that runs a Java RMI registry on port 2099 and two RMI interfaces on a high, dynamically assigned port. An unauthenticated attacker with network access to these ports can instruct the ...

CVE-2023-6578

Summary (CVE-2023-6578) : Software AG WebMethods versions 10.11.x–10.15.x are affected by an access-control vulnerability in the wm.server/connect/ area. The issue allows remote access by manipulating access controls, potentially exposing internal IPs, ports, and versions when visiting /invoke/wm...