CVE-2006-0429

Severity

21%

Complexity

39%

Confidentiality

48%

BEA WebLogic Server and WebLogic Express 9.0 causes new security providers to appear active even if they have not been activated by a server reboot, which could cause an administrator to perform inappropriate, security-relevant actions.

BEA WebLogic Server and WebLogic Express 9.0 causes new security providers to appear active even if they have not been activated by a server reboot, which could cause an administrator to perform inappropriate, security-relevant actions.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:P/A:N).

Overview

First reported 19 years ago

2006-01-25 23:07:00

Last updated 7 years ago

2017-07-20 01:29:00

Affected Software

BEA Systems WebLogic Server 9.0

9.0

References

BEA06-116.00

Patch, Vendor Advisory

18592

Patch, Vendor Advisory

1015528

Patch

22773

16358

ADV-2006-0313

weblogic-security-provider-weakness(24298)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.