Описание
BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-0151
- http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-28.jsp
- http://marc.info/?l=bugtraq&m=104792477914620&w=2
- http://marc.info/?l=bugtraq&m=104792544515384&w=2
- http://www.s21sec.com/en/avisos/s21sec-011-en.txt
- http://www.securityfocus.com/bid/7122
- http://www.securityfocus.com/bid/7124
EPSS
Процентиль: 89%
0.0473
Низкий
CVE ID
Связанные уязвимости
nvd
почти 23 года назад
BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
EPSS
Процентиль: 89%
0.0473
Низкий