CVE-2009-1975

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality, integrity, and availability, related to the WLS Console Package.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securitytracker.com/id?1022561
http://secunia.com/advisories/35776
http://www.vupen.com/english/advisories/2009/1900
http://www.securityfocus.com/bid/35673
http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/51759

Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*

Information

Published : 2009-07-14 16:30

Updated : 2017-08-16 18:30

NVD link : CVE-2009-1975

Mitre link : CVE-2009-1975

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

oracle

bea_product_suite

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securitytracker.com/id?1022561", "name": "1022561", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/35776", "name": "35776", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2009/1900", "name": "ADV-2009-1900", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.securityfocus.com/bid/35673", "name": "35673", "tags": [], "refsource": "BID"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51759", "name": "oracle-bea-wls-console-unspecified(51759)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality, integrity, and availability, related to the WLS Console Package."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-1975", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2009-07-14T23:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:30Z"}

6.8 /10