CVE-2006-0425Oracle Weblogic Portal vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 32.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Weblogic Portal
Timeline
PublishedJan 25
Latest updateMay 1

Description

BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain the source for a deployment descriptor file via unknown vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

Patches

Patch: dev2dev.bea.comPatch: securitytracker.comPatch: dev2dev.bea.com

🔴Vulnerability Details

2
GHSA
GHSA-64x6-cj8r-v946: BEA WebLogic Portal 82022-05-01
CVEList
CVE-2006-0425: BEA WebLogic Portal 82006-01-25
CVE-2006-0425 — Oracle Weblogic Portal vulnerability | cvebase