admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2008/0xxx/CVE-2008-0901.json
CVE Team bd52c432e7
- Synchronized data.
2018-10-15 17:03:25 -04:00

88 lines
2.5 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-0901",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20080225 S21SEC-040-en: Infinite invalid authentication attempts possible in BEA WebLogic Server",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/488686/100/0/threaded"
},
{
"name" : "http://www.s21sec.com/avisos/s21sec-040-en.txt",
"refsource" : "MISC",
"url" : "http://www.s21sec.com/avisos/s21sec-040-en.txt"
},
{
"name" : "BEA08-197.00",
"refsource" : "BEA",
"url" : "http://dev2dev.bea.com/pub/advisory/271"
},
{
"name" : "ADV-2008-0612",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0612/references"
},
{
"name" : "1019449",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1019449"
},
{
"name" : "29041",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29041"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink