{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T18:08:13.664","vulnerabilities":[{"cve":{"id":"CVE-2008-0897","sourceIdentifier":"cve@mitre.org","published":"2008-02-22T21:44:00.000","lastModified":"2026-04-23T00:35:47.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without \"receive\" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member destination, related to durable subscriptions."},{"lang":"es","value":"Vulnerabilidad no especificada en BEA WebLogic Server de 9.0 a 10.0 permite a usuarios autentificados remotamente sin los permisos \"receive (recibir)\" evitar las restricciones de acceso previstas y recibir mensajes de un JMS Topic independiente o un destino de miembro Distributed Topic seguro, relacionados a subscripciones duraderas."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:C/A:N","baseScore":7.9,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"NONE"},"baseSeverity":"HIGH","exploitabilityScore":6.8,"impactScore":9.2,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-264"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*","matchCriteriaId":"3CA97F1A-49F7-4511-8959-D62155491DF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*","matchCriteriaId":"DCAAE8F1-CB25-4871-BE48-ABF7DFAD8AD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:weblogic_server:9.2:*:*:*:*:*:*:*","matchCriteriaId":"7BA8C449-ECD0-46E5-A7D6-740DE8DEE0EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:weblogic_server:9.2:mp1:*:*:*:*:*:*","matchCriteriaId":"321BC193-5FBF-4F25-996D-1FE74779F34D"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:weblogic_server:10.0:*:*:*:*:*:*:*","matchCriteriaId":"60F9ABCC-5217-4650-8C71-F8B0EB86789F"}]}]}],"references":[{"url":"http://dev2dev.bea.com/pub/advisory/267","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://secunia.com/advisories/29041","source":"cve@mitre.org"},{"url":"http://www.securitytracker.com/id?1019444","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2008/0612/references","source":"cve@mitre.org"},{"url":"http://dev2dev.bea.com/pub/advisory/267","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://secunia.com/advisories/29041","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id?1019444","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2008/0612/references","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}