Vulnerability in Bea Tuxedo
CVE-2003-0621
The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument.
EPSS: 0.069 (93.3th percentile) — read the EPSS interpretation.
Affected products
- Bea Tuxedo — versions 6.3, 6.4, 6.5
- Bea Weblogic_server — versions 4.2, 5.0.1, 5.1
- N/a — versions n/a
References
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (Exploit, Patch, vdb-entry, x_refsource_BID, Vendor Advisory)