Bea · Bea Weblogic Server · CVE-2003-0151
Name of the Vulnerable Software and Affected Versions:
BEA WebLogic Server and Express versions 6.0 through 7.0
Description:
The issue allows remote attackers to read arbitrary files or execute arbitrary code due to improper restriction of access to certain internal servlets that perform administrative functions.
Recommendations:
For versions 6.0 through 7.0, restrict access to internal servlets that perform administrative functions to prevent remote attackers from reading arbitrary files or executing arbitrary code.