CVE-2006-2467

low

Description

BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authenticated administrators to determine the address.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/26462

http://www.vupen.com/english/advisories/2006/1828

http://securitytracker.com/id?1016099

http://securitytracker.com/id?1016097

http://secunia.com/advisories/20130

http://dev2dev.bea.com/pub/advisory/191

Details

Source: Mitre, NVD

Published: 2006-05-19

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 2.7

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.00303