CVE-2006-2467

BEA WebLogic Server <8.1 SP4, <7.0 SP6, <6.1 SP7 - Info Disclosure

Title source: llm

Description

BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authenticated administrators to determine the address.

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/26462

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20130

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/1828

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016099

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016097

Patch, Vendor Advisory vendor-advisory x_refsource_bea

http://dev2dev.bea.com/pub/advisory/191

Scores

EPSS 0.0032

EPSS Percentile 54.7%

Details

Status published

Products (3)

bea/weblogic_server 6.1 (7 CPE variants)

bea/weblogic_server 7.0 (6 CPE variants)

bea/weblogic_server 8.1 (4 CPE variants)

Published May 19, 2006

Tracked Since Feb 18, 2026