PT-2006-3420 · Bea · Bea Weblogic Server
Publicado
2006-05-19
·
Atualizado
2017-07-20
·
CVE-2006-2472
CVSS v2.0
4.9
Média
| Vetor | AV:L/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
BEA WebLogic Server versions 6.1 through SP7
BEA WebLogic Server versions 7.0 through SP6
BEA WebLogic Server versions 8.1 through SP5
BEA WebLogic Server version 9.0
BEA WebLogic Server version 9.1
Description
The issue allows untrusted applications to obtain private server keys.
Recommendations
For BEA WebLogic Server versions 6.1 through SP7, consider restricting access to private server keys until a fix is available.
For BEA WebLogic Server versions 7.0 through SP6, consider restricting access to private server keys until a fix is available.
For BEA WebLogic Server versions 8.1 through SP5, consider restricting access to private server keys until a fix is available.
For BEA WebLogic Server version 9.0, consider restricting access to private server keys until a fix is available.
For BEA WebLogic Server version 9.1, consider restricting access to private server keys until a fix is available.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Bea Weblogic Server