Unrated severityNVD Advisory· Published Jan 23, 2007· Updated Jun 16, 2026
CVE-2007-0417
CVE-2007-0417
Description
BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and 9.1, when using the WebLogic Server 6.1 compatibility realm, allows attackers to execute certain EJB container persistence operations with an administrative identity.
Affected products
7cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:*:sp7:*:*:*:*:*:*range: <=7.0
- (no CPE)range: 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, 9.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.