CVE-2008-0870
Bea WebLogic Portal 10.0 and 9.2 up to Maintenance Pack 2 has a vulnerability that can redirect the Portal Administration Console from HTTPS to HTTP, enabling remote attackers to sniff sessions. This is documented in CVE-2008-0870 with a CVSS v2 base score of 7.5 ( HIGH ) and network attack vecto...