CVE-2000-0500

Published Jun 21, 2000

Last updated 7 years ago

Overview

Description: The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:3.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "742DCC2D-B4AD-4D16-8338-21E258C4FD17"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:3.1.8:*:express:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8E13F70-AE6E-4443-B414-DAACD3F14355"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FED57A9-CD22-48C6-AF7B-C361CA843283"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:4.0:*:express:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "292C88E7-3CD1-4D87-91B1-5E170A358E4D"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9500F620-FEFE-4CB7-A733-65E7372BD8D4"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:4.5:*:express:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AB46979-F303-4CAD-AF0F-997BD7CE724F"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCD5D4AD-0BA3-42F7-852F-524488D74A96"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:5.1:*:express:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8F69E7A-8BBB-4D20-AEE9-F37155AD5C3F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References