ID CVE-2008-2580
Summary Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 has unknown impact and remote attack vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:bea_product_suite
    cpe:2.3:a:oracle:bea_product_suite
  • cpe:2.3:a:oracle:bea_product_suite:10.0:mp1
    cpe:2.3:a:oracle:bea_product_suite:10.0:mp1
  • cpe:2.3:a:oracle:bea_product_suite:9.0
    cpe:2.3:a:oracle:bea_product_suite:9.0
  • cpe:2.3:a:oracle:bea_product_suite:9.1
    cpe:2.3:a:oracle:bea_product_suite:9.1
  • cpe:2.3:a:oracle:bea_product_suite:9.2:mp3
    cpe:2.3:a:oracle:bea_product_suite:9.2:mp3
  • cpe:2.3:a:oracle:weblogic_server_component
    cpe:2.3:a:oracle:weblogic_server_component
CVSS
Base: 5.0 (as of 16-07-2008 - 10:41)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
NASL family Web Servers
NASL id WEBLOGIC_CR360676.NASL
description According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified information disclosure vulnerability in JSP pages.
last seen 2019-02-21
modified 2018-11-15
plugin id 17738
published 2011-11-30
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=17738
title Oracle WebLogic JSP Pages Unspecified Information Disclosure (CVE-2008-2580)
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html
hp
  • HPSBMA02133
  • SSRT061201
sectrack 1020498
secunia
  • 31087
  • 31113
vupen
  • ADV-2008-2109
  • ADV-2008-2115
xf oracle-weblogic-jsp-info-disclosure(43829)
Last major update 22-10-2012 - 22:48
Published 15-07-2008 - 19:41
Last modified 07-08-2017 - 21:31
Back to Top