Skip to main content

CVE-2007-0415

Severity Medium
Score 5/10

Summary

BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows attackers to bypass intended access restrictions.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • PARTIAL
  • NONE

References

Advisory Timeline

  • Published