Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 9.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2700
The WLST script generated by the configToScript command in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not encrypt certain attributes in configuration files when creating a new domain, which allows remote authenticated users to obtain sensitive information.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
NA
CVE-2007-2704
BEA WebLogic Server 9.0 up to and including 9.2 allows remote malicious users to cause a denial of service (SSL port unavailability) by accessing a half-closed SSL socket.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.2
Bea Weblogic Server 9.1
NA
CVE-2007-2697
The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote malicious users to more easily conduct brute-force atta...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
NA
CVE-2007-0410
Unspecified vulnerability in the thread management in BEA WebLogic 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote malicious users to cause a denial of service (thread and system hang) via unspecified &...
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 7.0
Bea Weblogic Server 9.1
NA
CVE-2007-0411
BEA WebLogic Server 8.1 up to and including 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote malicious users to conduct a man-in-the-middle (MITM) attack.
Bea Weblogic Server
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
NA
CVE-2007-0422
BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, allows remote malicious users to cause a denial of service (server inaccessibility) via manipulated socket connections.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
NA
CVE-2007-0420
BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote malicious users to obtain sensitive information via malformed HTTP requests, which reveal data from previous requests.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
NA
CVE-2007-0416
The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote malicious users to bypass application security.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
NA
CVE-2007-0418
BEA WebLogic Server 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote malicious users to obtain unauthorized access to these m...
Bea Weblogic Server
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 7.0
Bea Weblogic Server 9.1
NA
CVE-2007-0417
BEA WebLogic Server 7.0 up to and including 7.0 SP7, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when using the WebLogic Server 6.1 compatibility realm, allows malicious users to execute certain EJB container persistence operations with an administrative identity.
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 7.0
Bea Weblogic Server 9.1
Bea Weblogic Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »