7.1
CVE-2007-2699
- EPSS 1.12%
- Published 16.05.2007 01:19:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly enforce certain Domain Security Policies, which allows remote administrative users in the Deployer role to upload arbitrary files.
Data is provided by the National Vulnerability Database (NVD)
Bea ≫ Weblogic Server Version9.0
Bea ≫ Weblogic Server Version9.0 Editionexpress
Bea ≫ Weblogic Server Version9.1
Bea ≫ Weblogic Server Version9.1 Editionexpress
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.12% | 0.762 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 3.9 | 10 |
AV:N/AC:H/Au:S/C:C/I:C/A:C
|