Lucene search

[email protected]CVE-2006-2467

HistoryMay 19, 2006 - 10:02 a.m.

CVE-2006-2467

2006-05-1910:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2467

bea weblogic server

internal ip address

remote authentication

security vulnerability

7.1 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

70.1%

JSON

BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authenticated administrators to determine the address.

CPENameOperatorVersion
bea:weblogic_serverbea weblogic servereq6.1
bea:weblogic_serverbea weblogic servereq8.1
bea:weblogic_serverbea weblogic servereq7.0

CPE	Name	Operator	Version
bea:weblogic_server	bea weblogic server	eq	6.1
bea:weblogic_server	bea weblogic server	eq	8.1
bea:weblogic_server	bea weblogic server	eq	7.0

References

dev2dev.bea.com/pub/advisory/191

secunia.com/advisories/20130

securitytracker.com/id?1016097

securitytracker.com/id?1016099

www.vupen.com/english/advisories/2006/1828

exchange.xforce.ibmcloud.com/vulnerabilities/26462

7.1 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

70.1%

JSON

Related for CVE-2006-2467

cvelist1 prion1