Back to search
CVE-2007-4616
Published: Aug 31, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The SSL server implementation in BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP1, and 10.0 sometimes selects the null cipher when no other cipher is compatible between the server and client, which might allow remote attackers to intercept communications.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
26539
third-party-advisory
x_refsource_SECUNIA
weblogic-nullcipher-information-disclosure(36320)
vdb-entry
x_refsource_XF
25472
vdb-entry
x_refsource_BID
1018620
vdb-entry
x_refsource_SECTRACK
ADV-2007-3008
vdb-entry
x_refsource_VUPEN
BEA07-176.00
vendor-advisory
x_refsource_BEA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now