Bea Weblogic Sårbarheter

Version

8.1	76
7.0	54
8.0	48
6.1	28
7.0.0.1	26

Åtgärd

Official Fix	106
Temporary Fix	0
Workaround	6
Unavailable	0
Not Defined	114

Utnyttjbarhet

High	0
Functional	0
Proof-of-Concept	146
Unproven	0
Not Defined	80

Åtkomstvektor

Not Defined	0
Physical	0
Local	32
Adjacent	14
Network	180

Autentisering

Not Defined	0
High	0
Low	30
None	196

Användarinteraktion

Not Defined	0
Required	10
None	216

CVSSv3 Base

≤1	0
≤2	0
≤3	2
≤4	28
≤5	12
≤6	80
≤7	32
≤8	50
≤9	16
≤10	6

CVSSv3 Temp

≤1	0
≤2	0
≤3	4
≤4	28
≤5	54
≤6	56
≤7	46
≤8	28
≤9	6
≤10	4

VulDB

≤1	0
≤2	0
≤3	2
≤4	28
≤5	12
≤6	80
≤7	32
≤8	50
≤9	16
≤10	6

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Säljare

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Utnyttja 0-dagars

<1k	0
<2k	0
<5k	10
<10k	78
<25k	96
<50k	40
<100k	2
≥100k	0

Utnyttja idag

<1k	184
<2k	20
<5k	18
<10k	4
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (48): 3.0, 3.1, 3.1.8, 3.2, 3.2.1, 3.3, 3.4, 3.5, 3.6, 4, 4.0.4, 4.5, 4.5.1, 4.5.2, 5.0, 5.1, 6.0, 6.1, 6.1 SP2, 6.1 SP 2, 6.1 SP6, 6.1 SP7, 7, 7.0, 7.0 SP 1, 7.0 SP3, 7.0 SP5, 7.0.0.1, 7.0.0.1 SP 1, 7.0.0.1 SP2, 8.0, 8.0 SP2, 8.1, 8.1 SP1, 8.1 SP2, 8.1 SP3, 8.1 SP4, 8.1 SP5, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.3, 9.0, 9.1, 9.2, 10.0

Link to Product Website: https://www.oracle.com/corporate/acquisitions/bea/

Programvarutyp: Application Server Software

Publicerad	Base	Temp	Sårbarhet	0day	I dag	Utn	Rem	CTI	CVE
22/07/2008	10.0	10.0	BEA WebLogic Server mod_wl .jsp minneskorruption	$25k-$100k	$0-$5k	High	Not Defined	0.00	CVE-2008-3257
22/02/2008	5.3	4.8	BEA WebLogic Server förnekande av tjänsten	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-0903
22/02/2008	4.3	4.1	BEA WebLogic Server cross site scripting	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0902
22/02/2008	7.5	7.1	BEA WebLogic Server privilegier eskalering	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.02	CVE-2008-0901
22/02/2008	6.3	6.0	BEA WebLogic Server privilegier eskalering	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.02	CVE-2008-0900
22/02/2008	4.3	4.1	BEA WebLogic Server Administration Console cross site scripting	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.02	CVE-2008-0899
22/02/2008	6.5	6.2	BEA WebLogic Server Access Restriction privilegier eskalering	$5k-$25k	$5k-$25k	Proof-of-Concept	Not Defined	0.02	CVE-2008-0898
22/02/2008	8.1	7.7	BEA WebLogic Server Access Restriction privilegier eskalering	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.02	CVE-2008-0897
22/02/2008	5.4	4.9	BEA WebLogic Portal Access Restriction privilegier eskalering	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-0896
22/02/2008	6.5	6.2	BEA WebLogic Server svag autentisering	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.02	CVE-2008-0895
20/02/2008	7.3	6.9	BEA WebLogic Portal Administration Console privilegier eskalering	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0870
20/02/2008	4.3	3.9	BEA WebLogic Workshop UI Framework cross site scripting	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-0869
20/02/2008	4.3	3.9	BEA WebLogic Portal cross site scripting	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-0868
20/02/2008	4.3	4.1	BEA WebLogic Workshop cross site scripting	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0866
20/02/2008	5.3	5.0	BEA WebLogic Portal privilegier eskalering	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0865
20/02/2008	5.3	5.0	BEA WebLogic Portal Access Restriction privilegier eskalering	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0864
20/02/2008	5.3	5.0	BEA WebLogic Server informationsgivning	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2008-0863
12/12/2007	7.3	6.9	BEA WebLogic Mobility Server svag autentisering	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-6384
30/08/2007	6.5	6.2	BEA WebLogic Server informationsgivning	$5k-$25k	$0-$5k	High	Official Fix	0.00	CVE-2007-4616
30/08/2007	6.5	6.2	BEA WebLogic Server okänd sårbarhet	$5k-$25k	$5k-$25k	Proof-of-Concept	Not Defined	0.00	CVE-2007-4615
28/08/2007	7.5	6.5	BEA WebLogic Server förnekande av tjänsten	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2007-4618
28/08/2007	7.5	7.1	BEA WebLogic Server förnekande av tjänsten	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-4617
23/05/2007	7.5	7.1	BEA WebLogic Server Administration Console Privilege Escalation	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2699
14/05/2007	7.8	6.8	BEA Weblogic Workshop informationsgivning	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.02	CVE-2007-5576
14/05/2007	7.5	7.1	BEA WebLogic Workshop Console kataloggenomgång	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	CVE-2007-2705