CVE-2007-0416

CVE-2007-0416 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote attackers to bypass application security.

Learn more about our Web App Pen Testing.