Vulnerability Description
BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authenticated administrators to determine the address.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bea | Weblogic Server | 6.1 |
References
- http://dev2dev.bea.com/pub/advisory/191PatchVendor Advisory
- http://secunia.com/advisories/20130PatchVendor Advisory
- http://securitytracker.com/id?1016097
- http://securitytracker.com/id?1016099
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26462
- http://dev2dev.bea.com/pub/advisory/191PatchVendor Advisory
- http://secunia.com/advisories/20130PatchVendor Advisory
- http://securitytracker.com/id?1016097
- http://securitytracker.com/id?1016099
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26462
FAQ
What is CVE-2006-2467?
CVE-2006-2467 is a vulnerability with a CVSS score of 4.0 (MEDIUM). BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authentic...
How severe is CVE-2006-2467?
CVE-2006-2467 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2467?
Check the references section above for vendor advisories and patch information. Affected products include: Bea Weblogic Server.