CVE-2006-1358

2006-03-2202:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.6%

JSON

Unspecified vulnerability in BEA WebLogic Portal 8.1 up to SP5 causes a JSR-168 Portlet to be retrieved from the cache for the wrong session, which might allow one user to see a Portlet of another user.

References

ftp://ftpna.beasys.com/pub/releases/security/patch_CR259534_81SP5.zip

dev2dev.bea.com/pub/advisory/182

secunia.com/advisories/19308

securitytracker.com/id?1015791

www.securityfocus.com/bid/17164

www.vupen.com/english/advisories/2006/1022

exchange.xforce.ibmcloud.com/vulnerabilities/25345