CVE-2000-0683Weblogic Server vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.6%
top 30.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
BEA Weblogic Server
Timeline
PublishedOct 20
Latest updateApr 30

Description

BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

Patches

Patch: archives.neohapsis.comPatch: www.securityfocus.comPatch: archives.neohapsis.com

🔴Vulnerability Details

2
GHSA
GHSA-9j8w-xrww-p6wr: BEA WebLogic 52022-04-30
CVEList
CVE-2000-0683: BEA WebLogic 52000-10-13
CVE-2000-0683 — BEA Weblogic Server vulnerability | cvebase