Vulnerabilities > CVE-2007-0426 - Products Multiple vulnerability in Oracle Weblogic Portal 9.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
oracle
Summary
BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered environment using WebLogic Portal entitlements, does not properly propagate entitlement policy changes if the changes are made on a managed server while the Administrative Server is unavailable, which might allow attackers to bypass intended restrictions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |