VYPR
Unrated severityNVD Advisory· Published Feb 21, 2008· Updated Jun 16, 2026

CVE-2008-0864

CVE-2008-0864

Description

Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions.

Affected products

5
  • cpe:2.3:a:bea_systems:weblogic_portal:8.1_sp6:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:bea_systems:weblogic_portal:8.1_sp6:*:*:*:*:*:*:*
    • (no CPE)range: 8.1 SP3 - SP6
  • cpe:2.3:a:oracle:weblogic_portal:8.1:sp3:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:oracle:weblogic_portal:8.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:oracle:weblogic_portal:8.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:oracle:weblogic_portal:8.1:sp5:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.