CVE-2007-0423

{"id": "CVE-2007-0423", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-01-23T00:28:00.000", "references": [{"url": "http://dev2dev.bea.com/pub/advisory/218", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/32857", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/23750", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1017521", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22082", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/0213", "source": "cve@mitre.org"}, {"url": "http://dev2dev.bea.com/pub/advisory/218", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/32857", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/23750", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1017521", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/22082", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/0213", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "BEA WebLogic Portal 9.2 does not properly handle when an administrator deletes entitlements for a role, which causes other role entitlements to be \"inadvertently affected,\" which has an unknown impact."}, {"lang": "es", "value": "BEA WebLogic Portal 9.2 no maneja adecuadamente cuando un administrador borra derechos de un rol, lo que provoca que otros derechos de ese rol sean \"afectados inadvertidamente\", lo cual tiene un impacto desconocido."}], "lastModified": "2024-11-21T00:25:49.730", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:weblogic_portal:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B04835B2-7FE9-462B-B989-4031D43C9670"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}