Lucene search
HistoryJan 25, 2006 - 11:07 p.m.
CVE-2006-0421
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
30.4%
By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic instance on the same machine, allows administrators of any created domain to access other created domains, which could allow administrators to gain privileges that were not intended.
Affected configurations
Node
beaweblogic_serverMatch6.1
ORbeaweblogic_serverMatch6.1express
ORbeaweblogic_serverMatch7.0
ORbeaweblogic_serverMatch7.0express
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bea | weblogic_server | 6.1 | cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:* |
| bea | weblogic_server | 6.1 | cpe:2.3:a:bea:weblogic_server:6.1:*:express:*:*:*:*:* |
| bea | weblogic_server | 7.0 | cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:* |
| bea | weblogic_server | 7.0 | cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:* |
Related
prion
prion
Code injection
2006-01-25 23:07:00
cvelist
cvelist
CVE-2006-0421
2006-01-25 23:00:00
cve
cve
CVE-2006-0421
2006-01-25 23:07:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
30.4%
Related for NVD:CVE-2006-0421