CVE-2008-0865 — Systems Weblogic Portal vulnerability

CWE-2643 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 40.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

BEA Systems Weblogic Portal Oracle Weblogic Portal

Timeline

PublishedFeb 21

Latest updateMay 1

Description

Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/weblogic_portal8.1

▶NVDbea_systems/weblogic_portal8.1_sp6

🔴Vulnerability Details

GHSA

GHSA-rj64-3q6q-qjm9: Unspecified vulnerability in BEA WebLogic Portal 8↗2022-05-01

▶

CVEList

CVE-2008-0865: Unspecified vulnerability in BEA WebLogic Portal 8↗2008-02-21

▶