Lucene search

[email protected]CVE-2006-2468

HistoryMay 19, 2006 - 10:02 a.m.

CVE-2006-2468

2006-05-1910:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

weblogic server

administration console

bea

weblogic server 8.1

weblogic server 7.0

security vulnerability

cve-2006-2468

information disclosure

7.2 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

60.2%

JSON

The WebLogic Server Administration Console in BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 displays the domain name in the Console login form, which allows remote attackers to obtain sensitive information.

CPENameOperatorVersion
bea:weblogic_serverbea weblogic servereq8.1
bea:weblogic_serverbea weblogic servereq7.0

CPE	Name	Operator	Version
bea:weblogic_server	bea weblogic server	eq	8.1
bea:weblogic_server	bea weblogic server	eq	7.0

References

dev2dev.bea.com/pub/advisory/190

secunia.com/advisories/20130

securitytracker.com/id?1016097

securitytracker.com/id?1016099

www.vupen.com/english/advisories/2006/1828

exchange.xforce.ibmcloud.com/vulnerabilities/26468

7.2 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

60.2%

JSON

Related for CVE-2006-2468

prion1