Vulnerability Details CVE-2006-2467
BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authenticated administrators to determine the address.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.0%
CVSS Severity
CVSS v2 Score 4.0
References
- http://dev2dev.bea.com/pub/advisory/191
- http://secunia.com/advisories/20130
- http://securitytracker.com/id?1016097
- http://securitytracker.com/id?1016099
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26462
- http://dev2dev.bea.com/pub/advisory/191
- http://secunia.com/advisories/20130
- http://securitytracker.com/id?1016097
- http://securitytracker.com/id?1016099
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26462
Products affected by CVE-2006-2467
-
cpe:2.3:a:bea:weblogic_server:6.1
-
cpe:2.3:a:bea:weblogic_server:7.0
-
cpe:2.3:a:bea:weblogic_server:8.1