Lucene search

PRIOn knowledge basePRION:CVE-2007-0417

HistoryJan 23, 2007 - 12:28 a.m.

Code injection

2007-01-2300:28:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.7%

JSON

BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and 9.1, when using the WebLogic Server 6.1 compatibility realm, allows attackers to execute certain EJB container persistence operations with an administrative identity.

CPENameOperatorVersion
weblogic_servereq8.1
weblogic_servereq9.0
weblogic_servereq7.0
weblogic_servereq8.1 sp5
weblogic_servereq9.1
weblogic_serverle7.0

Name	Operator	Version
weblogic_server	eq	8.1
weblogic_server	eq	9.0
weblogic_server	eq	7.0
weblogic_server	eq	8.1 sp5
weblogic_server	eq	9.1
weblogic_server	le	7.0

References

dev2dev.bea.com/pub/advisory/211

osvdb.org/38511

secunia.com/advisories/23750

securitytracker.com/id?1017525

www.securityfocus.com/bid/22082

www.vupen.com/english/advisories/2007/0213

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.7%

JSON

Related for PRION:CVE-2007-0417