CVE-2007-4613

{"id": "CVE-2007-4613", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-08-31T00:17:00.000", "references": [{"url": "http://dev2dev.bea.com/pub/advisory/201", "tags": ["Patch", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://osvdb.org/45838", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/22082", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "[email protected]"}, {"url": "http://dev2dev.bea.com/pub/advisory/201", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/45838", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/22082", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote attackers to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an error response, a different vulnerability than CVE-2006-2461."}, {"lang": "es", "value": "Librer\u00eda SSL en el BEA WebLogic Server 6.1 Gold hasta el SP7, 7.0 Gold hasta el SP7 y el 8.1 Gold hasta el SP5, pueden permitir a atacantes remotos la obtenci\u00f3n de texto plano de un chorro SSL a trav\u00e9s de un ataque de \"hombre en el medio\" (man-in-the-middle) que inyecta datos modificados y medidas transcurriendo tiempo hasta que un error responda. Vulnerabilidad diferente a la CVE-2006-2461."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bea:weblogic_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D9AB3C0-8783-4160-AE2D-D1E5AAAA0A78"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DFE26B3-31F2-4FC0-854D-56EA4D08C28A"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63017BF8-D681-45EC-9C31-09D029F1126D"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E0B1791-974A-4967-8CF9-33BE8183200B"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B12A8B1-F78E-46B3-8872-4C6484345477"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:sp5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB2FB0E9-3812-49C5-94F4-3B39D5BE2EED"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:sp6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B091903-943F-4822-9F24-9D109B2D76A4"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4DACAC1-ABEC-4310-A0FF-B69EF9BCF273"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9C5AFCF-79D8-4005-B800-B0C6BD461276"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6828CE4B-91E8-4688-977F-DC7BC21131C8"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E141AA86-C6D0-4FA8-9268-0FB0635DF9CF"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "893D9D88-43C4-4F9F-A364-0585DE6FA9E9"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D34E2925-DE2A-437F-B349-BD7103F4C37E"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16E3F943-D920-4C0A-8545-5CF7D792011F"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B46A3EBE-B268-427E-AAB5-62DDF255F1D1"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5D61A68-E83A-4374-832A-C9A2FEA0AD6C"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E08D4CEA-9ACC-4869-BC87-3524A059914F"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F5B2A06-CE19-4A57-9566-09FC1E259CDB"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D18E22CC-A0FC-4BC7-AD39-2645F57486C1"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9429D939-FCC4-4BA7-90C4-BBEECE7309D0"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0653ACAC-B0D9-4381-AB23-11D24852A414"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A489A8E-D3AE-42DF-8DCF-5A9EF10778FA"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}