CVE-2003-0621

Опубликовано: 01 дек. 2003

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument.

Ссылки

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/advisory03_38_00.jsp
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=106762000607681&w=2
http://www.securityfocus.com/bid/8931
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/13559
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/advisory03_38_00.jsp
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=106762000607681&w=2
http://www.securityfocus.com/bid/8931
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/13559

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bea:tuxedo:6.3:*:*:*:*:*:*:*

cpe:2.3:a:bea:tuxedo:6.4:*:*:*:*:*:*:*

cpe:2.3:a:bea:tuxedo:6.5:*:*:*:*:*:*:*

cpe:2.3:a:bea:tuxedo:7.1:*:*:*:*:*:*:*

cpe:2.3:a:bea:tuxedo:8.0:*:*:*:*:*:*:*

cpe:2.3:a:bea:tuxedo:8.1:*:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:4.2:*:enterprise:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:5.0.1:*:enterprise:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:5.1:*:enterprise:*:*:*:*:*

EPSS

Процентиль: 91%

0.0682

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wv5f-w845-j8hh

github

почти 4 года назад