Описание
Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:bea:weblogic_integration:9.2:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_workshop:8.1:sp2:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_workshop:8.1:sp3:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_workshop:8.1:sp4:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_workshop:8.1:sp5:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_workshop:8.1:sp6:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00575
Низкий
7.8 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.
EPSS
Процентиль: 68%
0.00575
Низкий
7.8 High
CVSS2
Дефекты
NVD-CWE-Other