VYPR
Unrated severityNVD Advisory· Published Jan 23, 2007· Updated Jun 16, 2026

CVE-2007-0417

CVE-2007-0417

Description

BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and 9.1, when using the WebLogic Server 6.1 compatibility realm, allows attackers to execute certain EJB container persistence operations with an administrative identity.

Affected products

7
  • cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:*:sp7:*:*:*:*:*:*range: <=7.0
    • (no CPE)range: 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, 9.1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.