PT-2001-2567 · Oracle · Bea Tuxedo

Published: 2001-12-31 · Updated: 2017-07-11 · CVE-2001-1477

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

BEA Tuxedo version 7.1

Description

The issue concerns the Domain gateway in BEA Tuxedo, which fails to perform authorization checks for imported services and qspaces on remote domains, even when an Access Control List (ACL) is in place. This allows users to access services in a remote domain without proper authorization.

Recommendations

For BEA Tuxedo version 7.1, consider implementing additional authorization checks for imported services and qspaces on remote domains to restrict unauthorized access until a patch is available.

Related Identifiers

CVE-2001-1477

Affected Products

Bea Tuxedo