Vulnerability Details : CVE-2007-4614
BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended restrictions, a different vulnerability than CVE-2007-0426.
Exploit prediction scoring system (EPSS) score for CVE-2007-4614
Probability of exploitation activity in the next 30 days: 0.28%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 65 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-4614
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2007-4614
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-4614
Products affected by CVE-2007-4614
- cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*