PT-2002-2890 · Bea · Bea Weblogic Express+1

Publicado

2002-12-31

Atualizado

2008-09-10

CVE-2002-2177

CVSS v2.0

2.6

Baixa

Vetor

AV:N/AC:H/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: BEA WebLogic Server and Express versions 6.1 through 7.0.0.1

Description: The issue allows remote attackers to obtain sensitive information intended for other users due to the way BEA WebLogic Server and Express handle HTTP requests. This could potentially lead to unauthorized access to sensitive data.

Recommendations: For versions 6.1 through 7.0.0.1, consider restricting access to sensitive information until a proper fix is applied, and look for updates from the vendor that address this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-2177

Produtos afetados

Bea Weblogic Express

Bea Weblogic Server

PT-2002-2890 · Bea · Bea Weblogic Express+1

CVE-2002-2177

Identificadores relacionados

Produtos afetados

Referências · 5