VYPR
Unrated severityNVD Advisory· Published Jan 23, 2007· Updated Jun 16, 2026

CVE-2007-0411

CVE-2007-0411

Description

BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote attackers to conduct a man-in-the-middle (MITM) attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:9.2:ga:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:*:sp5:*:*:*:*:*:*range: <=8.1
    • (no CPE)range: 8.1 - 9.2 Gold

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.