Lucene search
Japan Vulnerability NotesJVN:54779201HistoryJan 20, 2012 - 12:00 a.m.
JVN#54779201: Oracle WebLogic Server vulnerable to cross-site scripting
2012-01-2000:00:00
Japan Vulnerability Notes
jvn.jp
8
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.7%
Oracle WebLogic Server contains a cross-site scripting vulnerability on the management console.
Impact
An arbitrary script may be executed on the browser of the user who is logged into the administration console of Oracle WebLogic Server.
Solution
Update the Software
Apply the latest update according to the information provided by the developer.
Products Affected
- Oracle WebLogic Server 9.2.4, 10.0.2, 10.3.3, 10.3.4, 10.3.5
For more information, refer to the information provided by the developer.
Related
cve
cve
CVE-2012-0077
2012-01-18 22:55:04
nessus
nessus
nvd
nvd
CVE-2012-0077
2012-01-18 22:55:04
prion
prion
Design/Logic Flaw
2012-01-18 22:55:00
cvelist
cvelist
CVE-2012-0077
2012-01-18 22:00:00
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00
securityvulns
securityvulns
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.7%
Related for JVN:54779201