Vulnerability Description
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration information.
CVSS Score
4.0
MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bea | Weblogic Server | 6.1 |
References
- http://dev2dev.bea.com/pub/advisory/168PatchVendor Advisory
- http://secunia.com/advisories/18592PatchVendor Advisory
- http://securitytracker.com/id?1015528Patch
- http://www.osvdb.org/22776
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24295
- http://dev2dev.bea.com/pub/advisory/168PatchVendor Advisory
- http://secunia.com/advisories/18592PatchVendor Advisory
- http://securitytracker.com/id?1015528Patch
- http://www.osvdb.org/22776
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24295
FAQ
What is CVE-2006-0424?
CVE-2006-0424 is a vulnerability with a CVSS score of 4.0 (MEDIUM). BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration informa...
How severe is CVE-2006-0424?
CVE-2006-0424 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0424?
Check the references section above for vendor advisories and patch information. Affected products include: Bea Weblogic Server.