Lucene search

[email protected]NVD:CVE-2006-0419

HistoryJan 25, 2006 - 11:07 p.m.

CVE-2006-0419

2006-01-2523:07:00

[email protected]

web.nvd.nist.gov

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.007

Percentile

80.3%

JSON

BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous binds to the embedded LDAP server, which allows remote attackers to read user entries or cause a denial of service (unspecified) via a large number of connections.

Affected configurations

Nvd

Node

beaweblogic_serverMatch7.0sp1

beaweblogic_serverMatch7.0sp1express

beaweblogic_serverMatch7.0sp2

beaweblogic_serverMatch7.0sp2express

beaweblogic_serverMatch7.0sp3

beaweblogic_serverMatch7.0sp3express

beaweblogic_serverMatch7.0sp4

beaweblogic_serverMatch7.0sp4express

beaweblogic_serverMatch7.0sp5

beaweblogic_serverMatch7.0sp5express

beaweblogic_serverMatch7.0sp6

beaweblogic_serverMatch7.0sp6express

beaweblogic_serverMatch8.1sp1

beaweblogic_serverMatch8.1sp1express

beaweblogic_serverMatch8.1sp2

beaweblogic_serverMatch8.1sp2express

beaweblogic_serverMatch8.1sp3

beaweblogic_serverMatch8.1sp3express

beaweblogic_serverMatch8.1sp4

beaweblogic_serverMatch8.1sp4express

beaweblogic_serverMatch8.1sp5

beaweblogic_serverMatch8.1sp5express

beaweblogic_serverMatch9.0

beaweblogic_serverMatch9.0express

VendorProductVersionCPE
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
beaweblogic_server7.0cpe:2.3:a:bea:weblogic_server:7.0:sp5:express:*:*:*:*:*

Vendor	Product	Version	CPE
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp1::::::
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:::::*
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp2::::::
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp2:express:::::*
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp3::::::
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp3:express:::::*
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp4::::::
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp4:express:::::*
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp5::::::
bea	weblogic_server	7.0	cpe:2.3:a:bea:weblogic_server:7.0:sp5:express:::::*

Rows per page:

1-10 of 241

References

dev2dev.bea.com/pub/advisory/163

securitytracker.com/id?1015528

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.007

Percentile

80.3%

JSON

Related for NVD:CVE-2006-0419

cvelist1 prion1 cve1