Is CVE-2001-1477 actively exploited?

CVE-2001-1477 has no public evidence of in-the-wild exploitation as of 2026-04-16.

What is the CVSS score for CVE-2001-1477?

CVE-2001-1477 has a CVSS score of 4.6 (UNKNOWN severity). Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P.

How do I patch CVE-2001-1477?

Patch guidance is available from bea security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2001-1477.

CVE-2001-1477 - remediation guidance & executive summary

Description

The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.

CVSS Metrics

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Access Vector: local
Access Cmplx: low
Auth: none
Confidentiality: partial
Integrity: partial
Availability: partial
Weaknesses: NVD-CWE-Other

Metadata

Primary Vendor: BEA
Published: 12/31/2001
Last Modified: 4/16/2026
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

bea : tuxedo

Remediation Guidance

Executive Summary

Cite this page

CVE-2001-1477. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2001-1477

View on NIST NVD

CVE-2001-1477 vulnerability