CVE-2006-2470

Sažetak

Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow attackers to bypass intended policies.

Reference

http://dev2dev.bea.com/pub/advisory/188
http://secunia.com/advisories/20130
http://www.vupen.com/english/advisories/2006/1828
https://exchange.xforce.ibmcloud.com/vulnerabilities/26464

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:31

Objavljeno

19-05-2006 - 10:02