CVE-2006-2470
First published: Fri May 19 2006(Updated: )
Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow attackers to bypass intended policies.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle WebLogic Server | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2006-2470?
CVE-2006-2470 is considered a moderate severity vulnerability due to its impact on JDBC security policy settings.
How do I fix CVE-2006-2470?
To fix CVE-2006-2470, update to a newer version of Oracle WebLogic Server that addresses this specific vulnerability.
What systems are affected by CVE-2006-2470?
CVE-2006-2470 specifically affects BEA WebLogic Server version 9.0.
What type of attack can be performed using CVE-2006-2470?
An attacker could potentially bypass intended JDBC security policies due to the vulnerability in the WebLogic Server Administration Console.
Is there a workaround for CVE-2006-2470?
There are no documented workarounds for CVE-2006-2470; updating the software is the recommended approach.
- agent/type
- agent/references
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/bea
- canonical/oracle weblogic server
- version/oracle weblogic server/9.0