BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-02-21T01:00:00
Updated: 2008-03-05T10:00:00
Reserved: 2008-02-20T00:00:00
Link: CVE-2008-0870
JSON object: View
NVD Information
Status : Modified
Published: 2008-02-21T01:44:00.000
Modified: 2018-10-30T16:25:28.980
Link: CVE-2008-0870
JSON object: View
Redhat Information
No data.
CWE