Vulnerabilities > BEA > Aqualogic Service BUS > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-23 | CVE-2007-0433 | Products Multiple vulnerability in BEA Aqualogic Service BUS 2.0/2.1/2.2 Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2, when using Active Directory LDAP for authentication, allows remote authenticated users to access the server even after the account has been disabled. | 6.5 |
| 2007-01-23 | CVE-2007-0432 | Products Multiple vulnerability in BEA Aqualogic Service BUS 2.0/2.1/2.5 BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a proxy service, which might allow remote attackers to bypass authorization policies and route requests to back-end services or conduct other unauthorized activities. | 7.5 |