Vulnerability Description
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functionality that should have been restricted.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bea | Weblogic Server | 8.1 |
References
- http://dev2dev.bea.com/pub/advisory/171PatchVendor Advisory
- http://secunia.com/advisories/18592PatchVendor Advisory
- http://securitytracker.com/id?1015528Patch
- http://www.osvdb.org/22774
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24291
- http://dev2dev.bea.com/pub/advisory/171PatchVendor Advisory
- http://secunia.com/advisories/18592PatchVendor Advisory
- http://securitytracker.com/id?1015528Patch
- http://www.osvdb.org/22774
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24291
FAQ
What is CVE-2006-0427?
CVE-2006-0427 is a vulnerability with a CVSS score of 2.1 (LOW). Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functiona...
How severe is CVE-2006-0427?
CVE-2006-0427 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0427?
Check the references section above for vendor advisories and patch information. Affected products include: Bea Weblogic Server.