J2EE Misconfiguration: Unsafe Bean Declaration

Saltar a: navegación, buscar
This page contains out-of-date content. Please help OWASP to FixME.
Last revision (yyyy-mm-dd): 2009-10-10
Comment: The page should be updated.

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This article includes content generously donated to OWASP by Fortify.JPG.

Last revision (mm/dd/yy): 08/31/2015

Vulnerabilities Table of Contents


Entity beans that expose a remote interface become part of an application's attack surface. For performance reasons, an application should rarely use remote entity beans, so there is a good chance that a remote entity bean declaration is an error.

Risk Factors

  • Talk about the factors that make this vulnerability likely or unlikely to actually happen
  • Discuss the technical impact of a successful exploit of this vulnerability
  • Consider the likely [business impacts] of a successful attack



Related Attacks

Related Vulnerabilities

Related Controls

Related Technical Impacts