7.2
CVE-2003-1094
- EPSS 1.2%
- Veröffentlicht 31.12.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bea ≫ Weblogic Server Version7.0 Updatesp3
Bea ≫ Weblogic Server Version7.0 Updatesp3 Editionexpress
Bea ≫ Weblogic Server Version7.0 Updatesp3 Editionwin32
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.2% | 0.641 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-35.jsp
http://www.kb.cert.org/vuls/id/999788
http://www.securityfocus.com/bid/8320
https://exchange.xforce.ibmcloud.com/vulnerabilities/12799