Back to search
CVE-2007-4615
Published: Aug 31, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gold through MP2, and 10.0 sometimes selects the null cipher when others are available, which might allow remote attackers to intercept communications.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
26539
third-party-advisory
x_refsource_SECUNIA
BEA07-175.00
vendor-advisory
x_refsource_BEA
25472
vdb-entry
x_refsource_BID
ADV-2007-3008
vdb-entry
x_refsource_VUPEN
1018619
vdb-entry
x_refsource_SECTRACK
weblogic-cipher-information-disclosure(36322)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now