Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2467

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2006-2467
Last Modified 07 Mar 2011 09:36:15
Published 19 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-2467

Summary

BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authenticated administrators to determine the address.

Vulnerable Systems

Application

  • Bea Weblogic Server 6.1

  • Bea Weblogic Server 7.0

  • Bea Weblogic Server 8.1


References

SECUNIA - 20130

BEA - BEA06-129.00

VUPEN - ADV-2006-1828

XF - weblogic-console-ip-disclosure(26462)

SECTRACK - 1016099

SECTRACK - 1016097


Last Updated: 27 May 2016 10:42:28