CVE-2003-0151

Published: Mar 21, 2003

Modified: Aug 8, 2024

PUBLISHED

Description

BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20030317 SPI ADVISORY: Remote Administration of BEA WebLogic Server and Express

mailing-list

x_refsource_BUGTRAQ

7124

vdb-entry

x_refsource_BID

http://www.s21sec.com/en/avisos/s21sec-011-en.txt

x_refsource_MISC

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-28.jsp

x_refsource_CONFIRM

20030317 S21SEC-011 - Multiple vulnerabilities in BEA WebLogic Server

mailing-list

x_refsource_BUGTRAQ

7122

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2003-0151

Description

Affected Products

References