exploitDog

CVE-2006-2470

Опубликовано: 19 мая 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow attackers to bypass intended policies.

Ссылки

http://dev2dev.bea.com/pub/advisory/188
Patch
Vendor Advisory
http://secunia.com/advisories/20130
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/1828
https://exchange.xforce.ibmcloud.com/vulnerabilities/26464
http://dev2dev.bea.com/pub/advisory/188
Patch
Vendor Advisory
http://secunia.com/advisories/20130
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/1828
https://exchange.xforce.ibmcloud.com/vulnerabilities/26464

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00504

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-242w-4wxg-327r

github

больше 3 лет назад

Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow attackers to bypass intended policies.

EPSS

Процентиль: 65%

0.00504

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other