Lucene search

K
nvd[email protected]NVD:CVE-2008-5457
HistoryJan 14, 2009 - 2:30 a.m.

CVE-2008-5457

2009-01-1402:30:00
web.nvd.nist.gov
13
oracle
bea weblogic
plugins
apache
sun
iis
web servers
product suite
confidentiality
integrity
availability
remote attackers

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.1

Confidence

Low

EPSS

0.968

Percentile

99.7%

Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Affected configurations

Nvd
Node
oraclebea_product_suiteMatch7.0sp7
OR
oraclebea_product_suiteMatch8.1sp6
OR
oraclebea_product_suiteMatch9.0
OR
oraclebea_product_suiteMatch9.1
OR
oraclebea_product_suiteMatch9.2mp3
OR
oraclebea_product_suiteMatch10.0mp1
OR
oraclebea_product_suiteMatch10.3
VendorProductVersionCPE
oraclebea_product_suite7.0cpe:2.3:a:oracle:bea_product_suite:7.0:sp7:*:*:*:*:*:*
oraclebea_product_suite8.1cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*
oraclebea_product_suite9.0cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*
oraclebea_product_suite9.1cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*
oraclebea_product_suite9.2cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*
oraclebea_product_suite10.0cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*
oraclebea_product_suite10.3cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.1

Confidence

Low

EPSS

0.968

Percentile

99.7%