Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended restrictions, a different vulnerability than CVE-2007-0426.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA产品多个远程安全漏洞
Vulnerability Description
BEA Systems WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。 BEA Weblogic中存在多个安全漏洞,可能允许恶意攻击者获得敏感信息、绕过某些安全限制、导致拒绝服务或完全入侵系统。 这些漏洞包括: 1) SSL库中的漏洞可能允许判断明文块; 2) 从缓存重用连接时服务器没有正确地验证客户端证书,导致攻击者可以通过X.509证书访问Web服务器。成功攻击要求应用程序允许通过单个客户端进程访问多个用户; 3) 存储在JDBCDataSour
CVSS Information
N/A
Vulnerability Type
N/A