7.5
CVE-2007-6384
- EPSS 0.88%
- Veröffentlicht 15.12.2007 02:46:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginUnspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, 3.5, and 3.6 through 3.6 SP1 allows remote attackers to obtain application file and resource access via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bea ≫ Weblogic Mobility Server Version3.3
Bea ≫ Weblogic Mobility Server Version3.5
Bea ≫ Weblogic Mobility Server Version3.6
Bea ≫ Weblogic Mobility Server Version3.6 Updatesp1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.88% | 0.733 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.