Описание
The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly enforce certain Domain Security Policies, which allows remote administrative users in the Deployer role to upload arbitrary files.
The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly enforce certain Domain Security Policies, which allows remote administrative users in the Deployer role to upload arbitrary files.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34289
- http://dev2dev.bea.com/pub/advisory/231
- http://osvdb.org/36069
- http://packetstormsecurity.com/files/153072/Oracle-Application-Testing-Suite-WebLogic-Server-Administration-Console-War-Deployment.html
- http://secunia.com/advisories/25284
- http://securitytracker.com/id?1018057
- http://www.vupen.com/english/advisories/2007/1815
EPSS
Процентиль: 80%
0.01337
Низкий
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly enforce certain Domain Security Policies, which allows remote administrative users in the Deployer role to upload arbitrary files.
EPSS
Процентиль: 80%
0.01337
Низкий