Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1975

4 documents4 sources
Severity
6.8MEDIUM
EPSS
33.9%
top 3.04%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle BEA Product Suite
Timeline
PublishedJul 14
Latest updateMay 2

Description

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality, integrity, and availability, related to the WLS Console Package.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-6m53-9vwf-wfq2: Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 102022-05-02
CVEList
CVE-2009-1975: Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 102009-07-14

💥Exploits & PoCs

1
Exploit-DB
Oracle WebLogic Server 10.3 - 'console-help.portal' Cross-Site Scripting2009-06-14
CVE-2009-1975 (MEDIUM CVSS 6.8) | Unspecified vulnerability in the We | cvebase.io