Description
The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.
References (2)
Core 2
Core References
Patch x_refsource_confirm
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA00-08.jsp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6326
Scores
EPSS
0.0009
EPSS Percentile
26.1%
Details
Status
published
Products (1)
bea/tuxedo
7.1
Published
Dec 31, 2001
Tracked Since
Feb 18, 2026