Vulnerability Description
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bea | Weblogic Server | 9.0 |
References
- http://dev2dev.bea.com/pub/advisory/176PatchVendor Advisory
- http://secunia.com/advisories/18592PatchVendor Advisory
- http://securitytracker.com/id?1015528Patch
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24299
- http://dev2dev.bea.com/pub/advisory/176PatchVendor Advisory
- http://secunia.com/advisories/18592PatchVendor Advisory
- http://securitytracker.com/id?1015528Patch
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24299
FAQ
What is CVE-2006-0432?
CVE-2006-0432 is a vulnerability with a CVSS score of 2.1 (LOW). Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to ...
How severe is CVE-2006-0432?
CVE-2006-0432 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0432?
Check the references section above for vendor advisories and patch information. Affected products include: Bea Weblogic Server.