CVE-2006-0421 Information

Description

By design BEA WebLogic Server and WebLogic Express 7.0 and 6.1 when creating multiple domains from the same WebLogic instance on the same machine allows administrators of any created domain to access other created domains which could allow administrators to gain privileges that were not intended.

Reference

http://dev2dev.bea.com/pub/advisory/165 http://secunia.com/advisories/18581 http://securitytracker.com/id?1015528 http://www.securityfocus.com/bid/16358 http://www.vupen.com/english/advisories/2006/0313 https://exchange.xforce.ibmcloud.com/vulnerabilities/24286