Weblogic Server@9.2 Security Vulnerabilities and Issues — Weblogic Server@9.2 CVE List

Lucene search

BeaWeblogic Server9.2

6 matches found

CVE•added 2007/01/23 12:28 a.m.•36 views

CVE-2007-0422

BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, allows remote attackers to cause a denial of service (server inaccessibility) via manipulated socket connections.

5CVSS6.7AI score0.01084EPSS

CVE•added 2007/05/16 1:19 a.m.•36 views

CVE-2007-2704

BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a denial of service (SSL port unavailability) by accessing a half-closed SSL socket.

5.4CVSS6.7AI score0.00866EPSS

CVE•added 2007/01/23 12:28 a.m.•35 views

CVE-2007-0420

BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote attackers to obtain sensitive information via malformed HTTP requests, which reveal data from previous requests.

5CVSS6.2AI score0.00508EPSS

CVE•added 2007/08/31 12:17 a.m.•34 views

CVE-2007-4616

The SSL server implementation in BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP1, and 10.0 sometimes selects the null cipher when no other cipher is compatible between the server and client, which might allow remote attackers to intercept communication...

6.4CVSS6.7AI score0.00859EPSS

CVE•added 2007/10/18 9:17 p.m.•34 views

CVE-2007-5576

BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls commands.

6.8CVSS6.3AI score0.00602EPSS

CVE•added 2007/01/23 12:28 a.m.•31 views

CVE-2007-0411

BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote attackers to conduct a man-in-the-middle (MITM) attack.

6.8CVSS6.6AI score0.00517EPSS