Back to search
CVE-2008-0896
Published: Feb 22, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a content portlet, removes entitlement policies for other content portlets, which allows attackers to bypass intended access restrictions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
BEA08-192.00
vendor-advisory
x_refsource_BEA
ADV-2008-0613
vdb-entry
x_refsource_VUPEN
1019453
vdb-entry
x_refsource_SECTRACK
29041
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now