CVE-2007-2705
Published May 16, 2007
Last updated 7 years ago
Overview
- Description
- Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- -
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bea:weblogic_integration:9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C64003CF-C562-491A-8430-B8D40CEC528C"
},
{
"criteria": "cpe:2.3:a:bea:weblogic_workshop:8.1:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD6F9694-259F-4631-BC93-B1136F08E77E"
},
{
"criteria": "cpe:2.3:a:bea:weblogic_workshop:8.1:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77624161-7740-4162-9C83-C0DFEA2BBCCC"
},
{
"criteria": "cpe:2.3:a:bea:weblogic_workshop:8.1:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E785D039-3426-4C1F-BBA8-7C6D32FB141E"
},
{
"criteria": "cpe:2.3:a:bea:weblogic_workshop:8.1:sp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4B2A474-B6C4-47B6-8B20-8722A8C25238"
},
{
"criteria": "cpe:2.3:a:bea:weblogic_workshop:8.1:sp6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FDBD7AF-51AC-48B9-A465-0C13B9230EE3"
}
],
"operator": "OR"
}
]
}
]