Description
Unspecified vulnerability in the Administration server in BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allows remote authenticated Admin users to read arbitrary files via unknown attack vectors related to an "internal servlet" accessed through HTTP.
References (3)
Core 3
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_bea
http://dev2dev.bea.com/pub/advisory/148
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15052
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17138
Scores
EPSS
0.0034
EPSS Percentile
57.0%
Details
Status
published
Products (1)
bea/weblogic_server
8.1 (8 CPE variants)
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026