CVE-2003-0151 — Weblogic Server vulnerability
3 documents3 sources
Severity
7.5HIGHNVD
EPSS
4.7%
top 10.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 24
Latest updateApr 29
Description
BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4