CVE-2008-4013

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html
http://www.securitytracker.com/id?1021056
http://www.vupen.com/english/advisories/2008/2825
https://exchange.xforce.ibmcloud.com/vulnerabilities/45912

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:bea_product_suite:8.1:sp6::::::
	cpe:2.3:a:oracle:bea_product_suite:9.0:::::::*
	cpe:2.3:a:oracle:bea_product_suite:9.1:::::::*
	cpe:2.3:a:oracle:bea_product_suite:9.2:mp3::::::
	cpe:2.3:a:oracle:bea_product_suite:10.0:mp1::::::

History

No history.

Information

Published : 2008-10-14 21:11

Updated : 2024-02-04 17:33

NVD link : CVE-2008-4013

Mitre link : CVE-2008-4013

CVE.ORG link : CVE-2008-4013

JSON object : View

Products Affected

oracle

bea_product_suite

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-4013", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-10-14T21:11:11.597", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1021056", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2825", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45912", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente WebLogic Server de BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0 y 8.1 SP6 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad mediante vectores desconocidos."}], "lastModified": "2017-08-08T01:32:20.310", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B8AB045-051A-477E-B2F7-4057826C43F1"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B5D9ABA-10EE-4EE2-9814-BDFBBE9A6014"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09215858-8A4F-4595-98DD-39027EC6CC1A"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7390B6A-7944-4509-B499-5B51DB9BF42E"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "193516AD-8096-4A6E-9C4B-4B9717DD7021"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}