Lucene search

[email protected]CVE-2006-2470

HistoryMay 19, 2006 - 10:02 a.m.

CVE-2006-2470

2006-05-1910:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2470

weblogic server

administration console

bea

jdbc

security policies

nvd

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.0%

JSON

Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow attackers to bypass intended policies.

CPENameOperatorVersion
bea:weblogic_serverbea weblogic servereq9.0

CPE	Name	Operator	Version
bea:weblogic_server	bea weblogic server	eq	9.0

References

dev2dev.bea.com/pub/advisory/188

secunia.com/advisories/20130

www.vupen.com/english/advisories/2006/1828

exchange.xforce.ibmcloud.com/vulnerabilities/26464

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.0%

JSON

Related for CVE-2006-2470

prion1