CVE-2008-0864

2008-02-2101:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.0%

JSON

Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions.

References

dev2dev.bea.com/pub/advisory/256

secunia.com/advisories/29041

www.securitytracker.com/id?1019454

www.vupen.com/english/advisories/2008/0613