CVE-2010-2375
Oracle WebLogic Server 10.3.3 - Encoded URL
Severity Score
6.4
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
Paquete/Privilegio: Plugins para Apache, Sun y servicios web IIS, vulnerabilidad no especificada en el componente WebLogic Server de Oracle Fusion Middleware v7.0 SP7, v8.1 SP6, v9.0, v9.1, v9.2 MP3, v10.0 MP2, v10.3.2 y v10.3.3, permite a atacantes remotos afectar la confidencialidad e integridad, relacionado con IIS.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-06-21 CVE Reserved
- 2010-07-13 CVE Published
- 2010-07-13 First Exploit
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html | X_refsource_confirm |
|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/34312 | 2010-07-13 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bea Search vendor "Bea" | Weblogic Server Search vendor "Bea" for product "Weblogic Server" | 7.0 Search vendor "Bea" for product "Weblogic Server" and version "7.0" | sp7 |
Affected
| ||||||
| Bea Search vendor "Bea" | Weblogic Server Search vendor "Bea" for product "Weblogic Server" | 8.1 Search vendor "Bea" for product "Weblogic Server" and version "8.1" | sp6 |
Affected
| ||||||
| Bea Search vendor "Bea" | Weblogic Server Search vendor "Bea" for product "Weblogic Server" | 9.0 Search vendor "Bea" for product "Weblogic Server" and version "9.0" | - |
Affected
| ||||||
| Bea Search vendor "Bea" | Weblogic Server Search vendor "Bea" for product "Weblogic Server" | 9.1 Search vendor "Bea" for product "Weblogic Server" and version "9.1" | - |
Affected
| ||||||
| Bea Search vendor "Bea" | Weblogic Server Search vendor "Bea" for product "Weblogic Server" | 9.2 Search vendor "Bea" for product "Weblogic Server" and version "9.2" | mp3 |
Affected
| ||||||
| Bea Systems Search vendor "Bea Systems" | Weblogic Server Search vendor "Bea Systems" for product "Weblogic Server" | 10.0 Search vendor "Bea Systems" for product "Weblogic Server" and version "10.0" | mp2 |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Weblogic Server Search vendor "Oracle" for product "Weblogic Server" | 10.3.2.0.0 Search vendor "Oracle" for product "Weblogic Server" and version "10.3.2.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Weblogic Server Search vendor "Oracle" for product "Weblogic Server" | 10.3.3.0.0 Search vendor "Oracle" for product "Weblogic Server" and version "10.3.3.0.0" | - |
Affected
| ||||||