Unrated severityNVD Advisory· Published Jan 23, 2007· Updated Jun 16, 2026
CVE-2007-0411
CVE-2007-0411
Description
BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote attackers to conduct a man-in-the-middle (MITM) attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.2:ga:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:*:sp5:*:*:*:*:*:*range: <=8.1
- (no CPE)range: 8.1 - 9.2 Gold
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.