Known Vulnerabilities for Weblogic Server by Bea
Listed below are 10 of the newest known vulnerabilities associated with "Weblogic Server" by "Bea".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2010-2375 | Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in ... | 6.4 - MEDIUM | 2010-07-13 | 2018-10-30 |
| CVE-2008-0902 | Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote atta... | 4.3 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0901 | BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, ev... | 7.1 - HIGH | 2008-02-22 | 2018-10-15 |
| CVE-2008-0900 | Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remot... | 6 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0899 | Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 al... | 4.3 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0898 | The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly ha... | 5.8 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0897 | Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permiss... | 7.9 - HIGH | 2008-02-22 | 2011-03-08 |
| CVE-2008-0895 | BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application se... | 6.4 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0869 | Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 ... | 4.3 - MEDIUM | 2008-02-21 | 2011-03-08 |
| CVE-2008-0863 | BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remot... | 5 - MEDIUM | 2008-02-21 | 2011-03-08 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bea | Weblogic Server | 9.2 | All | All | All |
| Application | Bea | Weblogic Server | 9.2 | ga | All | All |
| Application | Bea | Weblogic Server | 9.2 | mp1 | All | All |
| Application | Bea | Weblogic Server | 9.2 | mp2 | All | All |
| Application | Bea | Weblogic Server | 9.1 | All | All | All |
| Application | Bea | Weblogic Server | 9.1 | ga | All | All |
| Application | Bea | Weblogic Server | 9.1 | ga | express | All |
| Application | Bea | Weblogic Server | 9.0 | All | All | All |
| Application | Bea | Weblogic Server | 9.0 | All | All | All |
| Application | Bea | Weblogic Server | 8.1 | All | All | All |
| Application | Bea | Weblogic Server | 8.1 | sp1 | All | All |
| Application | Bea | Weblogic Server | 8.1 | sp1 | express | All |
| Application | Bea | Weblogic Server | 8.1 | sp1 | win32 | All |
| Application | Bea | Weblogic Server | 8.1 | sp2 | All | All |
| Application | Bea | Weblogic Server | 8.1 | sp2 | express | All |
| Application | Bea | Weblogic Server | 8.1 | sp2 | win32 | All |
| Application | Bea | Weblogic Server | 8.1 | sp3 | All | All |
| Application | Bea | Weblogic Server | 8.1 | sp3 | express | All |
| Application | Bea | Weblogic Server | 8.1 | sp3 | win32 | All |
| Application | Bea | Weblogic Server | 8.1 | sp4 | All | All |