PT-2006-1495 · Bea · Bea Weblogic Portal

Published

2006-01-25

·

Updated

2018-10-30

·

CVE-2006-0428

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions BEA WebLogic Portal versions 8.1 SP3 through 8.1 SP5
Description The issue allows remote attackers to access restricted web resources via crafted URLs when using Web Services Remote Portlets (WSRP).
Recommendations For BEA WebLogic Portal versions 8.1 SP3 through 8.1 SP5, consider restricting access to WSRP until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0428

Affected Products

Bea Weblogic Portal