CVE-2008-0900
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
| Software | From | Fixed in |
|---|---|---|
| bea / weblogic_server | 9.2 | 9.2.x |
| bea / weblogic_server | 8.1-sp6 | 8.1-sp6.x |
| bea / weblogic_server | 8.1-sp5 | 8.1-sp5.x |
| bea_systems / weblogic_express | 10.0 | 10.0.x |
| bea / weblogic_server | 8.1-sp4 | 8.1-sp4.x |
| bea / weblogic_server | 10.0 | 10.0.x |
| bea / weblogic_server | 9.2-mp1 | 9.2-mp1.x |
| bea_systems / weblogic_express | 9.2-mp1 | 9.2-mp1.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime