Bea Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Application Server Software	216
Not Defined	22
Groupware Software	2

Product

BEA WebLogic Server	132
BEA WebLogic	52
BEA WebLogic Portal	26
BEA Tuxedo	10
BEA Aqualogic Service Bus	4

Remediation

Official Fix	112
Temporary Fix	0
Workaround	4
Unavailable	0
Not Defined	124

Exploitability

High	0
Functional	0
Proof-of-Concept	144
Unproven	0
Not Defined	96

Access Vector

Not Defined	0
Physical	0
Local	36
Adjacent	14
Network	190

Authentication

Not Defined	0
High	0
Low	24
None	216

User Interaction

Not Defined	0
Required	24
None	216

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	20
≤5	20
≤6	84
≤7	42
≤8	60
≤9	6
≤10	8

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	24
≤5	54
≤6	70
≤7	54
≤8	28
≤9	4
≤10	6

VulDB

≤1	0
≤2	0
≤3	0
≤4	20
≤5	20
≤6	84
≤7	42
≤8	60
≤9	6
≤10	8

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	0
<2k	0
<5k	24
<10k	78
<25k	92
<50k	46
<100k	0
≥100k	0

Exploit Today

<1k	180
<2k	24
<5k	20
<10k	16
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Products (16): AquaLogic Interaction (2), AquaLogic Service Bus (1), Aqualogic Service Bus (2), BEA WebLogic Portal (1), JRockit (1), Plumtree Collaboration (1), Plumtree Foundation (1), Tuxedo (6), WebLogic (71), WebLogic Mobility Server (1), WebLogic Portal (23), WebLogic Server (124), WebLogic Workshop (3), Weblogic (1), Weblogic Integration (1), Weblogic Workshop (1)

Link to Vendor Website: https://www.oracle.com/corporate/acquisitions/bea/

Published	Base	Temp	Vulnerability	Prod	Exp	Rem	EPSS	CTI	CVE
07/22/2008	10.0	10.0	BEA WebLogic Server mod_wl .jsp memory corruption	Application Server Software	High	Not Defined	0.93269	0.00	CVE-2008-3257
02/22/2008	5.3	4.8	BEA WebLogic Server denial of service	Application Server Software	Proof-of-Concept	Official Fix	0.00600	0.00	CVE-2008-0903
02/22/2008	4.3	4.1	BEA WebLogic Server cross site scripting	Application Server Software	Proof-of-Concept	Not Defined	0.00243	0.00	CVE-2008-0902
02/22/2008	7.5	7.1	BEA WebLogic Server credentials management	Application Server Software	Proof-of-Concept	Not Defined	0.00609	0.00	CVE-2008-0901
02/22/2008	6.3	6.0	BEA WebLogic Server access control	Application Server Software	Proof-of-Concept	Not Defined	0.00231	0.00	CVE-2008-0900
02/22/2008	4.3	4.1	BEA WebLogic Server Administration Console cross site scripting	Application Server Software	Proof-of-Concept	Not Defined	0.00279	0.00	CVE-2008-0899
02/22/2008	6.5	6.2	BEA WebLogic Server Access Restriction access control	Application Server Software	Proof-of-Concept	Not Defined	0.00256	0.00	CVE-2008-0898
02/22/2008	8.1	7.7	BEA WebLogic Server Access Restriction access control	Application Server Software	Proof-of-Concept	Not Defined	0.00231	0.02	CVE-2008-0897
02/22/2008	5.4	4.9	BEA WebLogic Portal Access Restriction access control	Application Server Software	Proof-of-Concept	Official Fix	0.00076	0.00	CVE-2008-0896
02/22/2008	6.5	6.2	BEA WebLogic Server improper authentication	Application Server Software	Proof-of-Concept	Not Defined	0.00304	0.00	CVE-2008-0895
02/20/2008	7.3	6.9	BEA WebLogic Portal Administration Console link following	Application Server Software	Proof-of-Concept	Not Defined	0.00860	0.00	CVE-2008-0870
02/20/2008	4.3	3.9	BEA WebLogic Workshop UI Framework cross site scripting	Application Server Software	Proof-of-Concept	Official Fix	0.00456	0.00	CVE-2008-0869
02/20/2008	4.3	3.9	BEA WebLogic Portal cross site scripting	Application Server Software	Proof-of-Concept	Official Fix	0.00238	0.00	CVE-2008-0868
02/20/2008	4.3	3.9	BEA Plumtree Foundation cross site scripting	Unknown	Proof-of-Concept	Official Fix	0.00452	0.00	CVE-2008-0867
02/20/2008	4.3	4.1	BEA WebLogic Workshop cross site scripting	Application Server Software	Proof-of-Concept	Not Defined	0.00279	0.00	CVE-2008-0866
02/20/2008	5.3	5.0	BEA WebLogic Portal access control	Application Server Software	Proof-of-Concept	Not Defined	0.00293	0.00	CVE-2008-0865
02/20/2008	5.3	5.0	BEA WebLogic Portal Access Restriction access control	Application Server Software	Proof-of-Concept	Not Defined	0.00293	0.00	CVE-2008-0864
02/20/2008	5.3	5.0	BEA WebLogic Server information disclosure	Application Server Software	Proof-of-Concept	Not Defined	0.00294	0.00	CVE-2008-0863
02/19/2008	7.5	6.7	BEA Plumtree Collaboration information disclosure	Groupware Software	Proof-of-Concept	Official Fix	0.00463	0.00	CVE-2008-0904
12/12/2007	7.3	6.9	BEA WebLogic Mobility Server improper authentication	Application Server Software	Proof-of-Concept	Not Defined	0.02056	0.00	CVE-2007-6384
12/01/2007	5.3	5.0	BEA AquaLogic Interaction information disclosure	Unknown	Proof-of-Concept	Not Defined	0.02358	0.00	CVE-2007-6198
12/01/2007	5.3	5.0	BEA AquaLogic Interaction information disclosure	Unknown	Proof-of-Concept	Not Defined	0.01255	0.00	CVE-2007-6197
08/30/2007	6.5	6.2	BEA WebLogic Server information disclosure	Application Server Software	High	Official Fix	0.00873	0.00	CVE-2007-4616
08/30/2007	6.5	6.2	BEA WebLogic Server unknown vulnerability	Application Server Software	Proof-of-Concept	Not Defined	0.01215	0.00	CVE-2007-4615
08/28/2007	7.5	6.5	BEA WebLogic Server denial of service	Application Server Software	Proof-of-Concept	Official Fix	0.01094	0.00	CVE-2007-4618

215 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 215 results.

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!