CVE-2006-0422

critical

Description

Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allow remote attackers to access MBean attributes or cause an unspecified denial of service via unknown attack vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/24294

http://www.vupen.com/english/advisories/2006/0313

http://www.securityfocus.com/bid/16358

http://securitytracker.com/id?1015528

http://secunia.com/advisories/18592

http://dev2dev.bea.com/pub/advisory/166

Details

Source: Mitre, NVD

Published: 2006-01-25

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Severity: Critical

EPSS

EPSS: 0.00952