CVE-2008-2581

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer.

CVSS v2.0 5.1 MEDIUM

5.1^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securitytracker.com/id?1020498
http://secunia.com/advisories/31087	Vendor Advisory
http://secunia.com/advisories/31113	Vendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
http://www.vupen.com/english/advisories/2008/2115	Vendor Advisory
http://www.vupen.com/english/advisories/2008/2109/references	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/43824

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:bea_product_suite:10.0:mp1::::::
	cpe:2.3:a:oracle:bea_product_suite:7.0:sp7::::::
	cpe:2.3:a:oracle:weblogic_server_component:8.1:sp6::::::
	cpe:2.3:a:oracle:weblogic_server_component:9.0:::::::*
	cpe:2.3:a:oracle:bea_product_suite:8.1:sp6::::::
	cpe:2.3:a:oracle:bea_product_suite:9.0:::::::*
	cpe:2.3:a:oracle:weblogic_server_component:9.1:::::::*
	cpe:2.3:a:oracle:weblogic_server_component:9.2:mp3::::::
	cpe:2.3:a:oracle:bea_product_suite:9.1:::::::*
	cpe:2.3:a:oracle:bea_product_suite:9.2:mp3::::::
	cpe:2.3:a:oracle:weblogic_server_component:10.0:mp1::::::
	cpe:2.3:a:oracle:weblogic_server_component:7.0:sp7::::::

Information

Published : 2008-07-15 16:41

Updated : 2017-08-07 18:31

NVD link : CVE-2008-2581

Mitre link : CVE-2008-2581

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

oracle

weblogic_server_component
bea_product_suite

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securitytracker.com/id?1020498", "name": "1020498", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/31087", "name": "31087", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/31113", "name": "31113", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143", "name": "SSRT061201", "tags": [], "refsource": "HP"}, {"url": "http://www.vupen.com/english/advisories/2008/2115", "name": "ADV-2008-2115", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2008/2109/references", "name": "ADV-2008-2109", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43824", "name": "oracle-weblogic-uddiexplorer-unauth-access(43824)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-2581", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2008-07-15T23:41Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:7.0:sp7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:8.1:sp6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:9.2:mp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:10.0:mp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server_component:7.0:sp7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-08T01:31Z"}

5.1 /10