2.1

CVE-2004-0471

BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in the Admin and Operator security roles, which allows unauthorized users to cause a denial of service (service shutdown).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BeaWeblogic Server Version7.0
BeaWeblogic Server Version7.0 Editionexpress
BeaWeblogic Server Version8.1
BeaWeblogic Server Version8.1 Editionexpress
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.316
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_60.00.jsp
Patch
Vendor Advisory
http://secunia.com/advisories/11594
http://securitytracker.com/id?1010129
http://www.osvdb.org/6077
http://www.securityfocus.com/bid/10327
https://exchange.xforce.ibmcloud.com/vulnerabilities/16121