PT-2003-1401 · Bea · Bea Weblogic Server

Lluis Mora

Publicado

2003-03-21

Atualizado

2016-10-18

CVE-2003-0151

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: BEA WebLogic Server and Express versions 6.0 through 7.0

Description: The issue allows remote attackers to read arbitrary files or execute arbitrary code due to improper restriction of access to certain internal servlets that perform administrative functions.

Recommendations: For versions 6.0 through 7.0, restrict access to internal servlets that perform administrative functions to prevent remote attackers from reading arbitrary files or executing arbitrary code.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2003-0151

Produtos afetados

Bea Weblogic Server

PT-2003-1401 · Bea · Bea Weblogic Server

CVE-2003-0151

Identificadores relacionados

Produtos afetados

Referências · 8