cbcvebase.
CVE-2007-0415
published 2007-01-23

CVE-2007-0415: BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is…

PriorityP421medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.26%
65.9th percentile
BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows attackers to bypass intended access restrictions.

Affected

2 ranges
VendorProductVersion rangeFixed in
beaweblogic_server<= 8.1
beaweblogic_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.