4.6

CVE-2006-0421

By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic instance on the same machine, allows administrators of any created domain to access other created domains, which could allow administrators to gain privileges that were not intended.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BeaWeblogic Server Version6.1
BeaWeblogic Server Version6.1 Editionexpress
BeaWeblogic Server Version7.0
BeaWeblogic Server Version7.0 Editionexpress
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.314
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://securitytracker.com/id?1015528
Patch
http://dev2dev.bea.com/pub/advisory/165
Patch
Vendor Advisory
http://secunia.com/advisories/18581
Patch
Vendor Advisory
http://www.securityfocus.com/bid/16358
http://www.vupen.com/english/advisories/2006/0313
https://exchange.xforce.ibmcloud.com/vulnerabilities/24286