Bea Weblogic Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

8.194
8.050
7.046
6.134
6.024

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix114
Temporary Fix0
Workaround4
Unavailable0
Not Defined108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High2
Functional0
Proof-of-Concept146
Unproven2
Not Defined76

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical0
Local20
Adjacent16
Network190

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High0
Low32
None194

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required16
None210

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤30
≤416
≤522
≤668
≤734
≤858
≤918
≤1010

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤32
≤420
≤552
≤652
≤752
≤832
≤910
≤106

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤30
≤416
≤522
≤668
≤734
≤858
≤918
≤1010

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k0
<2k0
<5k16
<10k72
<25k98
<50k40
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k144
<2k22
<5k42
<10k16
<25k2
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

🔴 CTI Activities

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Affected Versions (48): 3.0, 3.1, 3.1.8, 3.2, 3.2.1, 3.3, 3.4, 3.5, 3.6, 4, 4.0.4, 4.5, 4.5.1, 4.5.2, 5.0, 5.1, 6.0, 6.1, 6.1 SP2, 6.1 SP 2, 6.1 SP6, 6.1 SP7, 7, 7.0, 7.0 SP 1, 7.0 SP3, 7.0 SP5, 7.0.0.1, 7.0.0.1 SP 1, 7.0.0.1 SP2, 8.0, 8.0 SP2, 8.1, 8.1 SP1, 8.1 SP2, 8.1 SP3, 8.1 SP4, 8.1 SP5, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.3, 9.0, 9.1, 9.2, 10.0

Link to Product Website: https://www.oracle.com/corporate/acquisitions/bea/

Software Type: Application Server Software

PublishedBaseTempVulnerability0dayTodayExpRemCTICVE
07/22/200810.010.0BEA WebLogic Server mod_wl .jsp memory corruption$25k-$100k$0-$5kHighNot Defined0.05CVE-2008-3257
02/22/20085.34.8BEA WebLogic Server denial of service$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.02CVE-2008-0903
02/22/20084.34.1BEA WebLogic Server cross site scripting$5k-$25k$0-$5kProof-of-ConceptNot Defined0.01CVE-2008-0902
02/22/20087.57.1BEA WebLogic Server credentials management$5k-$25k$5k-$25kProof-of-ConceptNot Defined0.02CVE-2008-0901
02/22/20086.36.0BEA WebLogic Server access control$5k-$25k$0-$5kProof-of-ConceptNot Defined0.03CVE-2008-0900
02/22/20084.34.1BEA WebLogic Server Administration Console cross site scripting$5k-$25k$0-$5kProof-of-ConceptNot Defined0.06CVE-2008-0899
02/22/20086.56.2BEA WebLogic Server Access Restriction access control$5k-$25k$5k-$25kProof-of-ConceptNot Defined0.00CVE-2008-0898
02/22/20088.17.7BEA WebLogic Server Access Restriction access control$5k-$25k$5k-$25kProof-of-ConceptNot Defined0.00CVE-2008-0897
02/22/20085.44.9BEA WebLogic Portal Access Restriction access control$5k-$25k$5k-$25kProof-of-ConceptOfficial Fix0.00CVE-2008-0896
02/22/20086.56.2BEA WebLogic Server improper authentication$5k-$25k$0-$5kProof-of-ConceptNot Defined0.01CVE-2008-0895
02/20/20087.36.9BEA WebLogic Portal Administration Console link following$5k-$25k$5k-$25kProof-of-ConceptNot Defined0.03CVE-2008-0870
02/20/20084.33.9BEA WebLogic Workshop UI Framework cross site scripting$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.01CVE-2008-0869
02/20/20084.33.9BEA WebLogic Portal cross site scripting$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.01CVE-2008-0868
02/20/20084.34.1BEA WebLogic Workshop cross site scripting$5k-$25k$0-$5kProof-of-ConceptNot Defined0.00CVE-2008-0866
02/20/20085.35.0BEA WebLogic Portal access control$5k-$25k$5k-$25kProof-of-ConceptNot Defined0.00CVE-2008-0865
02/20/20085.35.0BEA WebLogic Portal Access Restriction access control$5k-$25k$5k-$25kProof-of-ConceptNot Defined0.00CVE-2008-0864
02/20/20085.35.0BEA WebLogic Server information disclosure$5k-$25k$0-$5kProof-of-ConceptNot Defined0.09CVE-2008-0863
12/12/20077.36.9BEA WebLogic Mobility Server improper authentication$5k-$25k$0-$5kProof-of-ConceptNot Defined0.01CVE-2007-6384
08/30/20076.56.2BEA WebLogic Server information disclosure$5k-$25k$0-$5kHighOfficial Fix0.01CVE-2007-4616
08/30/20076.56.2BEA WebLogic Server unknown vulnerability$5k-$25k$5k-$25kProof-of-ConceptNot Defined0.05CVE-2007-4615
08/28/20077.56.5BEA WebLogic Server denial of service$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.03CVE-2007-4618
08/28/20077.57.1BEA WebLogic Server denial of service$5k-$25k$0-$5kProof-of-ConceptNot Defined0.01CVE-2007-4617
05/23/20077.57.1BEA WebLogic Server Administration Console Privilege Escalation$25k-$100k$0-$5kProof-of-ConceptNot Defined0.01CVE-2007-2699
05/14/20077.86.8BEA Weblogic Workshop information disclosure$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.02CVE-2007-5576
05/14/20077.57.1BEA WebLogic Workshop Console path traversal$5k-$25k$0-$5kProof-of-ConceptNot Defined0.05CVE-2007-2705

201 more entries are not shown

more entries by Bea

Interested in the pricing of exploits?

See the underground prices here!