Unrated severityNVD Advisory· Published Jan 23, 2007· Updated Jun 16, 2026
CVE-2007-0408
CVE-2007-0408
Description
BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote attackers to obtain access via an untrusted X.509 certificate.
Affected products
3cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:*:sp4:*:*:*:*:*:*range: <=8.1
- (no CPE)range: 8.1 - 8.1 SP4
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.