Download
| Alert*
J2EE Misconfiguration: Entity Bean Declared Remote
Description When an application exposes a remote interface for an entity bean, it might also expose methods that get or set the bean's data. These methods could be leveraged to read sensitive information, or to change data in ways that violate the application's expectations, potentially leading to other vulnerabilities. Applicable PlatformsNone Time Of Introduction
Common Consequences
Detection MethodsNone Potential Mitigations
Relationships
Demonstrative ExamplesNone White Box Definitions None Black Box Definitions None Taxynomy Mappings
References:None |