CVE-2003-1290

Sažetak

BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote attackers to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI).

Reference

http://dev2dev.bea.com/pub/advisory/162
http://secunia.com/advisories/10218
http://secunia.com/advisories/18396
http://www.osvdb.org/3064
http://www.securityfocus.com/bid/16215
http://www.securityfocus.com/bid/9034
https://exchange.xforce.ibmcloud.com/vulnerabilities/13752

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:29

Objavljeno

31-12-2003 - 05:00