Bea Weblogic Server Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

8.1	42
8.0	34
7.0	20
9.0	16
6.1	14

Remediation

Official Fix	26
Temporary Fix	0
Workaround	4
Unavailable	0
Not Defined	94

Exploitability

High	0
Functional	0
Proof-of-Concept	64
Unproven	2
Not Defined	58

Access Vector

Not Defined	0
Physical	0
Local	28
Adjacent	0
Network	96

Authentication

Not Defined	0
High	0
Low	14
None	110

User Interaction

Not Defined	0
Required	10
None	114

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	20
≤5	14
≤6	62
≤7	4
≤8	14
≤9	6
≤10	4

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	22
≤5	44
≤6	32
≤7	12
≤8	6
≤9	4
≤10	4

VulDB

≤1	0
≤2	0
≤3	0
≤4	20
≤5	14
≤6	62
≤7	4
≤8	14
≤9	6
≤10	4

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	0
<2k	0
<5k	0
<10k	44
<25k	56
<50k	24
<100k	0
≥100k	0

Exploit Today

<1k	100
<2k	16
<5k	6
<10k	2
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Versions (24): 3.1.8, 4.0.4, 4.5, 4.5.1, 4.5.2, 5.0, 5.1, 6.0, 6.1, 6.1 SP2, 6.1 SP 2, 7, 7.0, 7.0 SP 1, 7.0 SP3, 7.0.0.1, 7.0.0.1 SP 1, 8.0, 8.1, 8.1 SP1, 8.1 SP2, 9.0, 9.1, 10.0

Link to Product Website: https://www.oracle.com/corporate/acquisitions/bea/

Software Type: Application Server Software

Published	Base	Temp	Vulnerability	0day	Today	Exp	Rem	CTI	CVE
07/22/2008	10.0	10.0	BEA WebLogic Server mod_wl .jsp memory corruption	$25k-$100k	$0-$5k	High	Not Defined	0.00	CVE-2008-3257
02/22/2008	5.3	4.8	BEA WebLogic Server denial of service	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-0903
02/22/2008	4.3	4.1	BEA WebLogic Server cross site scripting	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0902
02/22/2008	7.5	7.1	BEA WebLogic Server credentials management	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0901
02/22/2008	6.3	6.0	BEA WebLogic Server access control	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0900
02/22/2008	4.3	4.1	BEA WebLogic Server Administration Console cross site scripting	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0899
02/22/2008	6.5	6.2	BEA WebLogic Server Access Restriction access control	$5k-$25k	$5k-$25k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0898
02/22/2008	8.1	7.7	BEA WebLogic Server Access Restriction access control	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.02	CVE-2008-0897
02/22/2008	6.5	6.2	BEA WebLogic Server improper authentication	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0895
02/20/2008	5.3	5.0	BEA WebLogic Server information disclosure	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0863
08/30/2007	6.5	6.2	BEA WebLogic Server information disclosure	$5k-$25k	$0-$5k	High	Official Fix	0.00	CVE-2007-4616
08/30/2007	6.5	6.2	BEA WebLogic Server unknown vulnerability	$5k-$25k	$5k-$25k	Proof-of-Concept	Not Defined	0.00	CVE-2007-4615
08/28/2007	7.5	6.5	BEA WebLogic Server denial of service	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2007-4618
08/28/2007	7.5	7.1	BEA WebLogic Server denial of service	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-4617
05/23/2007	7.5	7.1	BEA WebLogic Server Administration Console Privilege Escalation	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2699
05/14/2007	5.9	5.6	BEA WebLogic Server denial of service	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2704
05/14/2007	5.0	4.7	BEA WebLogic Server Privilege Escalation	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2701
05/14/2007	4.3	4.1	BEA WebLogic Server Configuration File information disclosure	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2700
05/14/2007	5.3	5.0	BEA WebLogic Server Administration Console cleartext storage	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2698
05/14/2007	5.6	5.3	BEA WebLogic Server denial of service	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2697
05/14/2007	7.3	6.9	BEA WebLogic Server Remote Code Execution	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2696
05/14/2007	5.6	5.3	BEA WebLogic Server Remote Code Execution	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2695
05/14/2007	4.3	4.1	BEA WebLogic Server cross site scripting	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2694
01/22/2007	3.3	3.2	BEA WebLogic Server information disclosure	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-0409
01/17/2007	5.3	5.0	BEA WebLogic Server information disclosure	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-0420

99 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 99 results.

more entries by Bea

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!