CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2008-2576
https://notcve.org/view.php?id=CVE-2008-2576
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors. Una vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite de Oracle versiones 9.2, 9.1, 9.0 y 8.1 SP6, presenta un impacto desconocido y vectores de ataque locales. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020498 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 https://exchange.xforce.ibmcloud.com/vulnerabilities/43828 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2577
https://notcve.org/view.php?id=CVE-2008-2577
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors. Una vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite de Oracle versiones 9.2 MP1, presenta un impacto desconocido y vectores de ataque autenticados remotos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020498 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 https://exchange.xforce.ibmcloud.com/vulnerabilities/43826 •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2008-2580
https://notcve.org/view.php?id=CVE-2008-2580
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 has unknown impact and remote attack vectors. Una vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite de Oracle versiones 10.0 MP1, 9.2 MP3, 9.1 y 9.0, presenta un impacto desconocido y vectores de ataque remotos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020498 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 https://exchange.xforce.ibmcloud.com/vulnerabilities/43829 •
CVSS: 6.8EPSS: 0%CPEs: 56EXPL: 0CVE-2007-5576
https://notcve.org/view.php?id=CVE-2007-5576
BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls commands. BEA Tuxedo 8.0 anterior al RP392 y el 8.1 anterior al RP293 y el WebLogic Enterprise 5.1 anterior al RP174, muestra la contraseña en texto claro, lo que permite a atacantes físicamente próximos obtener información sensible a través de los comandos (1) cnsbind, (2) cnsunbind o (3) cnsls. • http://dev2dev.bea.com/pub/advisory/226 http://osvdb.org/45478 http://www.vupen.com/english/advisories/2007/1813 https://exchange.xforce.ibmcloud.com/vulnerabilities/34290 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 76EXPL: 0CVE-2005-1746
https://notcve.org/view.php?id=CVE-2005-1746
The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote attackers to cause a denial of service (cluster slowdown) via modified cookies. • http://dev2dev.bea.com/pub/advisory/129 http://secunia.com/advisories/15486 http://securitytracker.com/id?1014049 http://www.securityfocus.com/bid/13717 http://www.vupen.com/english/advisories/2005/0606 •