Lucene search

[email protected]CVE-2006-0432

HistoryJan 25, 2006 - 11:07 p.m.

CVE-2006-0432

2006-01-2523:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-0432

bea weblogic server

weblogic express 9.0

administrator

security policies

jndi resources

nvd

7.4 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

30.5%

JSON

Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources.

CPENameOperatorVersion
bea:weblogic_serverbea weblogic servereq9.0

CPE	Name	Operator	Version
bea:weblogic_server	bea weblogic server	eq	9.0

References

dev2dev.bea.com/pub/advisory/176

secunia.com/advisories/18592

securitytracker.com/id?1015528

www.securityfocus.com/bid/16358

www.vupen.com/english/advisories/2006/0313

exchange.xforce.ibmcloud.com/vulnerabilities/24299

7.4 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

30.5%

JSON

Related for CVE-2006-0432

prion1 cvelist1