Описание
BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-0151
- http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-28.jsp
- http://marc.info/?l=bugtraq&m=104792477914620&w=2
- http://marc.info/?l=bugtraq&m=104792544515384&w=2
- http://www.s21sec.com/en/avisos/s21sec-011-en.txt
- http://www.securityfocus.com/bid/7122
- http://www.securityfocus.com/bid/7124
EPSS
Процентиль: 89%
0.0473
Низкий
CVE ID
Связанные уязвимости
nvd
около 23 лет назад
BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
EPSS
Процентиль: 89%
0.0473
Низкий