Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0864

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-0864
Last Modified 07 Mar 2011 10:05:34
Published 20 Feb 2008 08:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0864

Summary

Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions.

Vulnerable Systems

Application

  • Bea Systems Weblogic Portal 8.1 Sp6

  • Bea Weblogic Portal 8.1


References

VUPEN - ADV-2008-0613

BEA - BEA08-183.00

SECTRACK - 1019454

SECUNIA - 29041


Last Updated: 27 May 2016 10:46:57