CVE-2005-4758

Опубликовано: 31 дек. 2005

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

Unspecified vulnerability in the Administration server in BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allows remote authenticated Admin users to read arbitrary files via unknown attack vectors related to an "internal servlet" accessed through HTTP.

Ссылки

http://dev2dev.bea.com/pub/advisory/148
Patch
Vendor Advisory
http://secunia.com/advisories/17138
Third Party Advisory
http://www.securityfocus.com/bid/15052
Third Party Advisory
VDB Entry
http://dev2dev.bea.com/pub/advisory/148
Patch
Vendor Advisory
http://secunia.com/advisories/17138
Third Party Advisory
http://www.securityfocus.com/bid/15052
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:*:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*

EPSS

Процентиль: 56%

0.00342

Низкий

4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8xgg-3858-cfqw

github

почти 4 года назад