CVE-2006-0429 — Weblogic Server vulnerability

3 documents3 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 71.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

BEA Weblogic Server

Timeline

PublishedJan 25

Latest updateMay 1

Description

BEA WebLogic Server and WebLogic Express 9.0 causes new security providers to appear active even if they have not been activated by a server reboot, which could cause an administrator to perform inappropriate, security-relevant actions.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDbea/weblogic_server9.0

Patches

Patch: dev2dev.bea.com ↗Patch: secunia.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-7qv5-cf2g-8qxq: BEA WebLogic Server and WebLogic Express 9↗2022-05-01

▶

CVEList

CVE-2006-0429: BEA WebLogic Server and WebLogic Express 9↗2006-01-25

▶