CVE-2008-0864

EPSS 0.38%
Published 21.02.2008 01:44:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Bea Systems ≫ Weblogic Portal Version8.1_sp6

Oracle ≫ Weblogic Portal Version8.1 Updatesp3

Oracle ≫ Weblogic Portal Version8.1 Updatesp4

Oracle ≫ Weblogic Portal Version8.1 Updatesp5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.38%	0.566

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.vupen.com/english/advisories/2008/0613

http://secunia.com/advisories/29041

http://dev2dev.bea.com/pub/advisory/256

http://www.securitytracker.com/id?1019454

https://nvd.nist.gov/vuln/detail/CVE-2008-0864

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0864

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0864

EUVD