CVE-2006-0422 — Weblogic Server vulnerability

3 documents3 sources

Severity

6.4MEDIUMNVD

EPSS

1.0%

top 23.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

BEA Weblogic Server

Timeline

PublishedJan 25

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allow remote attackers to access MBean attributes or cause an unspecified denial of service via unknown attack vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDbea/weblogic_server6.1, 7.0, 8.1+2

Patches

Patch: dev2dev.bea.com ↗Patch: secunia.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-4pjm-3hpr-w6j5: Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8↗2022-05-01

▶

CVEList

CVE-2006-0422: Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8↗2006-01-25

▶