Unrated severityNVD Advisory· Published Feb 21, 2008· Updated Jun 16, 2026
CVE-2008-0864
CVE-2008-0864
Description
Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions.
Affected products
5cpe:2.3:a:bea_systems:weblogic_portal:8.1_sp6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:bea_systems:weblogic_portal:8.1_sp6:*:*:*:*:*:*:*
- (no CPE)range: 8.1 SP3 - SP6
cpe:2.3:a:oracle:weblogic_portal:8.1:sp3:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:weblogic_portal:8.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_portal:8.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_portal:8.1:sp5:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.