| ID |
CVE-2007-0417
|
| Summary |
BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and 9.1, when using the WebLogic Server 6.1 compatibility realm, allows attackers to execute certain EJB container persistence operations with an administrative identity. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:5.1:sp7:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:5.1:sp7:*:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:5.1:sp7:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:5.1:sp7:express:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:5.1:sp7:win32:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:5.1:sp7:win32:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:6.1:sp7:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:6.1:sp7:express:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:6.1:sp7:win32:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:6.1:sp7:win32:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:7.0:sp7:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp7:*:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
-
cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 10.0 (as of 08-03-2011 - 02:49) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
| bea | BEA07-144.00 | | bid | 22082 | | osvdb | 38511 | | sectrack | 1017525 | | secunia | 23750 | | vupen | ADV-2007-0213 |
|
| Last major update |
08-03-2011 - 02:49 |
| Published |
23-01-2007 - 00:28 |
| Last modified |
08-03-2011 - 02:49 |
