CVE-2006-0421

{"id": "CVE-2006-0421", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-01-25T23:07:00.000", "references": [{"url": "http://dev2dev.bea.com/pub/advisory/165", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18581", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015528", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/16358", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/0313", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24286", "source": "cve@mitre.org"}, {"url": "http://dev2dev.bea.com/pub/advisory/165", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/18581", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015528", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/16358", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/0313", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24286", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic instance on the same machine, allows administrators of any created domain to access other created domains, which could allow administrators to gain privileges that were not intended."}], "lastModified": "2024-11-21T00:06:25.537", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FDCF6AE-43DC-4AE5-9260-CA657F40BE77"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:*:express:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05AFBE78-C611-4EA2-8B00-5F8B61696CBE"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9C5AFCF-79D8-4005-B800-B0C6BD461276"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBDF3AC0-0680-4EEE-898C-47D194667BE2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}