Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 8.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2695
The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express and WebLogic Server 6.1 through SP7, 7.0 through SP7, 8.1 through SP5, 9.0, and 9.1, when SecureProxy is enabled, may process "external requests on behalf of a system identity," which allows remote mali...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
NA
CVE-2007-2697
The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote malicious users to more easily conduct brute-force atta...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
NA
CVE-2007-0408
BEA Weblogic Server 8.1 up to and including 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote malicious users to obtain access via an untrusted X.509 certificate.
Bea Weblogic Server 8.1
Bea Weblogic Server
1 Github repository
NA
CVE-2007-0409
BEA WebLogic 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users to read the cleartext password.
Bea Weblogic Server 9.0
Bea Weblogic Server
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
NA
CVE-2007-0410
Unspecified vulnerability in the thread management in BEA WebLogic 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote malicious users to cause a denial of service (thread and system hang) via unspecified &...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.1
Bea Weblogic Server 9.0
NA
CVE-2007-0411
BEA WebLogic Server 8.1 up to and including 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote malicious users to conduct a man-in-the-middle (MITM) attack.
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
Bea Weblogic Server
NA
CVE-2007-0412
BEA WebLogic Server 6.1 up to and including 6.1 SP7, 7.0 up to and including 7.0 SP7, and 8.1 up to and including 8.1 SP5 allows remote malicious users to read arbitrary files inside the class-path property via .ear or exploded .ear files that use the manifest class-path property...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
NA
CVE-2007-0413
BEA WebLogic Server 8.1 up to and including 8.1 SP5 stores cleartext data in a backup of config.xml after offline editing, which allows local users to obtain sensitive information by reading this backup file.
Bea Weblogic Server 8.1
Bea Weblogic Server
NA
CVE-2007-0415
BEA WebLogic Server 8.1 up to and including 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows malicious users to bypass intended access restrictions.
Bea Weblogic Server 8.1
Bea Weblogic Server
NA
CVE-2007-0418
BEA WebLogic Server 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote malicious users to obtain unauthorized access to these m...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »