ID CVE-2008-4013
Summary Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:bea_product_suite:10.0:mp1
    cpe:2.3:a:oracle:bea_product_suite:10.0:mp1
  • cpe:2.3:a:oracle:bea_product_suite:9.2:mp3
    cpe:2.3:a:oracle:bea_product_suite:9.2:mp3
  • cpe:2.3:a:oracle:bea_product_suite:9.1
    cpe:2.3:a:oracle:bea_product_suite:9.1
  • cpe:2.3:a:oracle:bea_product_suite:9.0
    cpe:2.3:a:oracle:bea_product_suite:9.0
  • cpe:2.3:a:oracle:bea_product_suite:8.1:sp6
    cpe:2.3:a:oracle:bea_product_suite:8.1:sp6
CVSS
Base: 6.8 (as of 15-10-2008 - 14:31)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Web Servers
NASL id WEBLOGIC_CR218639.NASL
description According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified vulnerability that may allow protected webapps to be displayed under certain conditions.
last seen 2019-02-21
modified 2018-11-15
plugin id 17735
published 2011-11-30
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=17735
title Oracle WebLogic Server Servlets Unspecified Unauthenticated Remote Issue (CVE-2008-4013)
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html
sectrack 1021056
vupen ADV-2008-2825
xf oracle-weblogic-webapps-unauth-access(45912)
Last major update 22-10-2012 - 22:53
Published 14-10-2008 - 17:11
Last modified 07-08-2017 - 21:32
Back to Top