ID CVE-2009-3396
Summary Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2.3, 10.0.1, and 10.3 allows remote attackers to affect integrity, related to WLS Console.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bea_product_suite:9.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:bea_product_suite:9.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bea_product_suite:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:bea_product_suite:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 23-10-2012 - 03:11)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 36766
cert TA09-294A
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
sectrack 1023062
Last major update 23-10-2012 - 03:11
Published 22-10-2009 - 18:30
Back to Top