Vulnerability Description
Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow attackers to bypass intended policies.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bea | Weblogic Server | 9.0 |
References
- http://dev2dev.bea.com/pub/advisory/188PatchVendor Advisory
- http://secunia.com/advisories/20130PatchVendor Advisory
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26464
- http://dev2dev.bea.com/pub/advisory/188PatchVendor Advisory
- http://secunia.com/advisories/20130PatchVendor Advisory
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26464
FAQ
What is CVE-2006-2470?
CVE-2006-2470 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow attacke...
How severe is CVE-2006-2470?
CVE-2006-2470 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2470?
Check the references section above for vendor advisories and patch information. Affected products include: Bea Weblogic Server.