CVE-2009-1002

2009-04-1510:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2009-1002

oracle bea

weblogic server

remote attack

privilege escalation

vulnerability

6.5 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

74.4%

JSON

Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors.

CPENameOperatorVersion
oracle:bea_product_suiteoracle bea product suiteeq9.1
oracle:bea_product_suiteoracle bea product suiteeq8.1
oracle:bea_product_suiteoracle bea product suiteeq10.0
oracle:bea_product_suiteoracle bea product suiteeq7.0
oracle:bea_product_suiteoracle bea product suiteeq9.0
oracle:bea_product_suiteoracle bea product suiteeq10.3
oracle:bea_product_suiteoracle bea product suiteeq9.2

CPE	Name	Operator	Version
oracle:bea_product_suite	oracle bea product suite	eq	9.1
oracle:bea_product_suite	oracle bea product suite	eq	8.1
oracle:bea_product_suite	oracle bea product suite	eq	10.0
oracle:bea_product_suite	oracle bea product suite	eq	7.0
oracle:bea_product_suite	oracle bea product suite	eq	9.0
oracle:bea_product_suite	oracle bea product suite	eq	10.3
oracle:bea_product_suite	oracle bea product suite	eq	9.2