CVE-2007-0408

High

7.5/10

Summary

BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote attackers to obtain access via an untrusted X.509 certificate.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Jan 23, 2007

CVE-2007-0408

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS