Q: Can you provide examples of Java middleware vulnerabilities?
A: Examples of Java middleware vulnerabilities include:
- Apache Tomcat Cipher Transformation Connection Misconfiguration (CVE-2015-5351)
- Apache Tomcat Reflected File Upload (CVE-2017-12615)
- Apache Tomcat Missing HttpOnly Flag (CVE-2008-5515)
- Apache ActiveMQ Reflected Command Execution (CVE-2015-1830)
- Apache Struts2 Invalid Escape (CVE-2016-3087)
- Apache HTTP Server Improper Protocol Handling (CVE-2016-8743)
- IBM WebSphere Application Server LDAP Injection (CVE-2016-9458)
- IBM WebSphere Application Server XFF Header Information Disclosure (CVE-2015-2080)
- IBM WebSphere Application Server Parameter Injection (CVE-2017-1393)
- Oracle WebLogic Server Weak Password Vulnerability (CVE-2018-2628)