Lucene search

OracleCVE-2008-4009

HistoryOct 14, 2008 - 9:11 p.m.

CVE-2008-4009

2008-10-1421:11:11

oracle

web.nvd.nist.gov

cve-2008-4009

weblogic server

bea product suite 9.1

vulnerability

confidentiality

integrity

availability

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.009

Percentile

82.3%

JSON

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.1, when configuring multiple authorizers, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Affected configurations

Nvd

Node

oraclebea_product_suiteMatch9.1

VendorProductVersionCPE
oraclebea_product_suite9.1cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	bea_product_suite	9.1	cpe:2.3:a:oracle:bea_product_suite:9.1:::::::*

References

secunia.com/advisories/32304

www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html

www.securitytracker.com/id?1021056

www.vupen.com/english/advisories/2008/2825

exchange.xforce.ibmcloud.com/vulnerabilities/45908

support.bea.com/application_content/product_portlets/securityadvisories/2802.html

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.009

Percentile

82.3%

JSON

Related for CVE-2008-4009