CVE-2006-0427

Sažetak

Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functionality that should have been restricted.

Reference

http://dev2dev.bea.com/pub/advisory/171
http://secunia.com/advisories/18592
http://securitytracker.com/id?1015528
http://www.osvdb.org/22774
http://www.securityfocus.com/bid/16358
http://www.vupen.com/english/advisories/2006/0313
https://exchange.xforce.ibmcloud.com/vulnerabilities/24291

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:29

Objavljeno

25-01-2006 - 23:07