- Description
- Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, 3.5, and 3.6 through 3.6 SP1 allows remote attackers to obtain application file and resource access via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-287
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bea:weblogic_mobility_server:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A888C92-98AB-4364-8096-38E0601206B3"
},
{
"criteria": "cpe:2.3:a:bea:weblogic_mobility_server:3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F67944AC-7E54-49EC-896F-BCDB0A6F5089"
},
{
"criteria": "cpe:2.3:a:bea:weblogic_mobility_server:3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75B86EF7-9EDE-494B-A8CE-A07E97CFE215"
},
{
"criteria": "cpe:2.3:a:bea:weblogic_mobility_server:3.6:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19062190-0250-41AE-9B29-C8F4C497F06B"
}
],
"operator": "OR"
}
]
}
]