CVE-2003-1094 - CERT CVE

  1. CVE-2003-1094

ID CVE-2003-1094
Sažetak BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges.
Reference
CVSS
Base: 7.2
Impact: 10.0
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE COMPLETE COMPLETE
CVSS vektor AV:L/AC:L/Au:N/C:C/I:C/A:C
Zadnje važnije ažuriranje 11-07-2017 - 01:29
Objavljeno 31-12-2003 - 05:00