CVE-2007-2695 in BEA WebLogic Serverinfo

Summary

The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express and WebLogic Server 6.1 through SP7, 7.0 through SP7, 8.1 through SP5, 9.0, and 9.1, when SecureProxy is enabled, may process "external requests on behalf of a system identity," which allows remote attackers to access administrative data or functionality.

Reservation

05/15/2007

Disclosure

05/15/2007

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
36816	BEA WebLogic Server Remote Code Execution		Proof-of-Concept	Not defined	CVE-2007-2695

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸