Vulnerability Details : CVE-2007-0408
BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote attackers to obtain access via an untrusted X.509 certificate.
Products affected by CVE-2007-0408
- cpe:2.3:a:bea:weblogic_server:*:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-0408
4.43%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0408
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2007-0408
Jump to