Vulnerabilities > CVE-2006-0424 - Multiple vulnerability in BEA Weblogic Server 6.1/7.0/8.1

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

bea

NVD

Published: 2006-01-25

Updated: 2017-07-20

Summary

BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration information.

Vulnerable Configurations

Part	Description	Count
Application	Bea BEA Weblogic Server 6.1 BEA Weblogic Server 7.0 BEA Weblogic Server 8.1	33

References

http://dev2dev.bea.com/pub/advisory/168
http://secunia.com/advisories/18592
http://securitytracker.com/id?1015528
http://www.osvdb.org/22776
http://www.securityfocus.com/bid/16358
http://www.vupen.com/english/advisories/2006/0313
https://exchange.xforce.ibmcloud.com/vulnerabilities/24295