CVE-2006-0432

Опубликовано: 25 янв. 2006

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources.

Ссылки

http://dev2dev.bea.com/pub/advisory/176
Patch
Vendor Advisory
http://secunia.com/advisories/18592
Patch
Vendor Advisory
http://securitytracker.com/id?1015528
Patch
http://www.securityfocus.com/bid/16358
http://www.vupen.com/english/advisories/2006/0313
https://exchange.xforce.ibmcloud.com/vulnerabilities/24299
http://dev2dev.bea.com/pub/advisory/176
Patch
Vendor Advisory
http://secunia.com/advisories/18592
Patch
Vendor Advisory
http://securitytracker.com/id?1015528
Patch
http://www.securityfocus.com/bid/16358
http://www.vupen.com/english/advisories/2006/0313
https://exchange.xforce.ibmcloud.com/vulnerabilities/24299

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:9.0:*:express:*:*:*:*:*

EPSS

Процентиль: 29%

0.00105

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-m4wr-7hxh-rfv4

github

почти 4 года назад