Information disclosure in Bea Weblogic_server
CVE-2008-0863
BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further attacks.
Vulnerability class: Information Disclosure
EPSS: 0.012 (64.5th percentile) — read the EPSS interpretation.
Affected products
- Bea Weblogic_server — versions 9.0, 9.1
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (vendor-advisory, x_refsource_BEA, Patch)