Vulnerability Details CVE-2006-0432
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.6%
CVSS Severity
CVSS v2 Score 2.1
References
- http://dev2dev.bea.com/pub/advisory/176
- http://secunia.com/advisories/18592
- http://securitytracker.com/id?1015528
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24299
- http://dev2dev.bea.com/pub/advisory/176
- http://secunia.com/advisories/18592
- http://securitytracker.com/id?1015528
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24299
Products affected by CVE-2006-0432
-
cpe:2.3:a:bea:weblogic_server:9.0