CVE-2006-0430Weblogic Server vulnerability

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
1.0%
top 23.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
BEA Weblogic Server
Timeline
PublishedJan 25
Latest updateMay 1

Description

Certain configurations of BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6, when connection filters are enabled, cause the server to run more slowly, which makes it easier for remote attackers to cause a denial of service (server slowdown).

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDbea/weblogic_server7.0, 8.1, 9.0+2

Patches

Patch: dev2dev.bea.comPatch: secunia.comPatch: securitytracker.com

🔴Vulnerability Details

2
GHSA
GHSA-fr53-fjqh-h3jj: Certain configurations of BEA WebLogic Server and WebLogic Express 92022-05-01
CVEList
CVE-2006-0430: Certain configurations of BEA WebLogic Server and WebLogic Express 92006-01-25

💬Community

1
Bugzilla
CVE-2006-4600 openldap improper selfwrite access2007-03-27
CVE-2006-0430 — BEA Weblogic Server vulnerability | cvebase