cbcvebase.
CVE-2007-2696
published 2007-05-16

CVE-2007-2696: The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through SP6, and 8.1 through SP5 enforces security access policies on the front end, which allows…

PriorityP431medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
2.11%
79.5th percentile
The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through SP6, and 8.1 through SP5 enforces security access policies on the front end, which allows remote attackers to access protected queues via direct requests to the JMS back-end server.

Affected

3 ranges
VendorProductVersion rangeFixed in
beaweblogic_server
beaweblogic_server
beaweblogic_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.