CVE-2008-0896 in WebLogic Portalinfo

Summary

BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a content portlet, removes entitlement policies for other content portlets, which allows attackers to bypass intended access restrictions.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

02/22/2008

Disclosure

02/22/2008

Moderation

VulDB entry created

Entries

VDB-41178 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

5.4

EPSS

0.00286

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-0896
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-0896
CVE Details	https://www.cvedetails.com/cve/CVE-2008-0896/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!