AI Score: 7.3 High (Confidence: Low)
EPSS: 0.083 Low (Percentile: 94.4%)
BEA WebLogic Server and Express 6.0 through 7.0 do not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-28.jsp
marc.info/?l=bugtraq&m=104792477914620&w=2
marc.info/?l=bugtraq&m=104792544515384&w=2
www.s21sec.com/en/avisos/s21sec-011-en.txt
www.securityfocus.com/bid/7122
www.securityfocus.com/bid/7124