ID |
CVE-2006-0432
|
Summary |
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 2.1 (as of 20-07-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:N/I:P/A:N
|
refmap
via4
|
bea | BEA06-119.00 | bid | 16358 | sectrack | 1015528 | secunia | 18592 | vupen | ADV-2006-0313 | xf | weblogic-jdni-security-weakness(24299) |
|
Last major update |
20-07-2017 - 01:29 |
Published |
25-01-2006 - 23:07 |
Last modified |
20-07-2017 - 01:29 |