Difference between revisions of "J2EE Misconfiguration: Unsafe Bean Declaration"

Jump to: navigation, search
Line 1: Line 1:
[[ASDR Table of Contents]]
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
[[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]]
[[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]]

Revision as of 19:32, 20 February 2009

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This article includes content generously donated to OWASP by Fortify.JPG.

Last revision (mm/dd/yy): 02/20/2009

Vulnerabilities Table of Contents


Entity beans that expose a remote interface become part of an application's attack surface. For performance reasons, an application should rarely uses remote entity beans, so there is a good chance that a remote entity bean declaration is an error.

Risk Factors

  • Talk about the factors that make this vulnerability likely or unlikely to actually happen
  • Discuss the technical impact of a successful exploit of this vulnerability
  • Consider the likely [business impacts] of a successful attack



Related Attacks

Related Vulnerabilities

Related Controls

Related Technical Impacts