CVE-2008-5457

Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/33526
http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html
http://www.securityfocus.com/bid/33177
http://www.securitytracker.com/id?1021571
http://www.vupen.com/english/advisories/2009/0115

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:bea_product_suite:7.0:sp7::::::
	cpe:2.3:a:oracle:bea_product_suite:8.1:sp6::::::
	cpe:2.3:a:oracle:bea_product_suite:9.0:::::::*
	cpe:2.3:a:oracle:bea_product_suite:9.1:::::::*
	cpe:2.3:a:oracle:bea_product_suite:9.2:mp3::::::
	cpe:2.3:a:oracle:bea_product_suite:10.0:mp1::::::
	cpe:2.3:a:oracle:bea_product_suite:10.3:::::::*

History

No history.

Information

Published : 2009-01-14 02:30

Updated : 2024-02-04 17:33

NVD link : CVE-2008-5457

Mitre link : CVE-2008-5457

CVE.ORG link : CVE-2008-5457

JSON object : View

Products Affected

oracle

bea_product_suite

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-5457", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-01-14T02:30:00.563", "references": [{"url": "http://secunia.com/advisories/33526", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/33177", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1021571", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2009/0115", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle BEA WebLogic Server Plugins para Apache, Sun y IIS web servers en BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1, 9.0, 8.1, SP6, 7.0 y SP7 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores desconocidos."}], "lastModified": "2012-10-23T02:56:48.633", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:bea_product_suite:7.0:sp7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6859E096-4FA7-4797-B2D6-C5CE15D2078C"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B8AB045-051A-477E-B2F7-4057826C43F1"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B5D9ABA-10EE-4EE2-9814-BDFBBE9A6014"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09215858-8A4F-4595-98DD-39027EC6CC1A"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7390B6A-7944-4509-B499-5B51DB9BF42E"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "193516AD-8096-4A6E-9C4B-4B9717DD7021"}, {"criteria": "cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B1C64BD-7C8C-4B28-9EA8-5198B6C71AD1"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}