CVE-2008-2581

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer.

CVSS v2.0 5.1 MEDIUM

5.1^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
http://secunia.com/advisories/31087	Vendor Advisory
http://secunia.com/advisories/31113	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html
http://www.securitytracker.com/id?1020498
http://www.vupen.com/english/advisories/2008/2109/references	Vendor Advisory
http://www.vupen.com/english/advisories/2008/2115	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43824

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:bea_product_suite:7.0:sp7::::::
	cpe:2.3:a:oracle:bea_product_suite:8.1:sp6::::::
	cpe:2.3:a:oracle:bea_product_suite:9.0:::::::*
	cpe:2.3:a:oracle:bea_product_suite:9.1:::::::*
	cpe:2.3:a:oracle:bea_product_suite:9.2:mp3::::::
	cpe:2.3:a:oracle:bea_product_suite:10.0:mp1::::::
	cpe:2.3:a:oracle:weblogic_server_component:7.0:sp7::::::
	cpe:2.3:a:oracle:weblogic_server_component:8.1:sp6::::::
	cpe:2.3:a:oracle:weblogic_server_component:9.0:::::::*
	cpe:2.3:a:oracle:weblogic_server_component:9.1:::::::*
	cpe:2.3:a:oracle:weblogic_server_component:9.2:mp3::::::
	cpe:2.3:a:oracle:weblogic_server_component:10.0:mp1::::::

History

No history.

Information

Published : 2008-07-15 23:41

Updated : 2024-02-04 17:33

NVD link : CVE-2008-2581

Mitre link : CVE-2008-2581

CVE.ORG link : CVE-2008-2581

JSON object : View

Products Affected

oracle

weblogic_server_component
bea_product_suite

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-2581", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-07-15T23:41:00.000", "references": [{"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/31087", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/31113", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1020498", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/2109/references", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/2115", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43824", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite de Oracle versiones 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6 y 7.0 SP7, presenta un impacto desconocido y vectores de ataque remotos relacionados con UDDI Explorer."}], "lastModified": "2017-08-08T01:31:10.450", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:bea_product_suite:7.0:sp7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6859E096-4FA7-4797-B2D6-C5CE15D2078C"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B8AB045-051A-477E-B2F7-4057826C43F1"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B5D9ABA-10EE-4EE2-9814-BDFBBE9A6014"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09215858-8A4F-4595-98DD-39027EC6CC1A"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7390B6A-7944-4509-B499-5B51DB9BF42E"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "193516AD-8096-4A6E-9C4B-4B9717DD7021"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server_component:7.0:sp7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7946A2F-378A-4A19-8B6F-18768E385C8D"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server_component:8.1:sp6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3B986B9-A82B-4087-808E-854EC443AC3C"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server_component:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AF95249-8970-406B-B874-4B9925471C27"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server_component:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD536DD6-AF76-4075-8B28-322FB65793AE"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server_component:9.2:mp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BDA1940-A3F4-4CEC-BDD0-B098B2E27CE5"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server_component:10.0:mp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BB8A45D-95E5-4F14-A51A-29B5A6E45F43"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}