7.8

CVE-2007-2705

EPSS 0.43%
Published 16.05.2007 01:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Bea ≫ Weblogic Integration Version9.2

Bea ≫ Weblogic Workshop Version8.1 Updatesp2

Bea ≫ Weblogic Workshop Version8.1 Updatesp3

Bea ≫ Weblogic Workshop Version8.1 Updatesp4

Bea ≫ Weblogic Workshop Version8.1 Updatesp5

Bea ≫ Weblogic Workshop Version8.1 Updatesp6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.43%	0.615

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:C/I:N/A:N

http://www.vupen.com/english/advisories/2007/1815

http://dev2dev.bea.com/pub/advisory/239

Patch

Vendor Advisory

http://osvdb.org/36063

http://www.securitytracker.com/id?1018059

https://exchange.xforce.ibmcloud.com/vulnerabilities/34281

https://nvd.nist.gov/vuln/detail/CVE-2007-2705

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2705

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2705

EUVD