Unrated severityNVD Advisory· Published Jan 23, 2007· Updated Jun 16, 2026
CVE-2007-0415
CVE-2007-0415
Description
BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows attackers to bypass intended access restrictions.
Affected products
3cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:*:sp5:*:*:*:*:*:*range: <=8.1
- (no CPE)range: <=8.1 SP5
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.