5.5

CVE-2004-2696

BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user identity" to be used in an RMI call.

Data is provided by the National Vulnerability Database (NVD)
BeaWeblogic Server Version6.1
BeaWeblogic Server Version6.1 Editionexpress
BeaWeblogic Server Version6.1 Editionwin32
BeaWeblogic Server Version6.1 Updatesp1
BeaWeblogic Server Version6.1 Updatesp1 Editionexpress
BeaWeblogic Server Version6.1 Updatesp1 Editionwin32
BeaWeblogic Server Version6.1 Updatesp2
BeaWeblogic Server Version6.1 Updatesp2 Editionexpress
BeaWeblogic Server Version6.1 Updatesp2 Editionwin32
BeaWeblogic Server Version6.1 Updatesp3
BeaWeblogic Server Version6.1 Updatesp3 Editionexpress
BeaWeblogic Server Version6.1 Updatesp3 Editionwin32
BeaWeblogic Server Version6.1 Updatesp4
BeaWeblogic Server Version6.1 Updatesp4 Editionexpress
BeaWeblogic Server Version6.1 Updatesp4 Editionwin32
BeaWeblogic Server Version6.1 Updatesp5
BeaWeblogic Server Version6.1 Updatesp5 Editionexpress
BeaWeblogic Server Version6.1 Updatesp5 Editionwin32
BeaWeblogic Server Version6.1 Updatesp6
BeaWeblogic Server Version6.1 Updatesp6 Editionexpress
BeaWeblogic Server Version6.1 Updatesp6 Editionwin32
BeaWeblogic Server Version7.0
BeaWeblogic Server Version7.0 Editionexpress
BeaWeblogic Server Version7.0 Editionwin32
BeaWeblogic Server Version7.0 Updatesp1
BeaWeblogic Server Version7.0 Updatesp1 Editionexpress
BeaWeblogic Server Version7.0 Updatesp1 Editionwin32
BeaWeblogic Server Version7.0 Updatesp2
BeaWeblogic Server Version7.0 Updatesp2 Editionexpress
BeaWeblogic Server Version7.0 Updatesp2 Editionwin32
BeaWeblogic Server Version7.0 Updatesp3
BeaWeblogic Server Version7.0 Updatesp3 Editionexpress
BeaWeblogic Server Version7.0 Updatesp3 Editionwin32
BeaWeblogic Server Version7.0 Updatesp4
BeaWeblogic Server Version7.0 Updatesp4 Editionexpress
BeaWeblogic Server Version7.0 Updatesp4 Editionwin32
BeaWeblogic Server Version7.0 Updatesp5
BeaWeblogic Server Version7.0 Updatesp5 Editionexpress
BeaWeblogic Server Version7.0 Updatesp5 Editionwin32
BeaWeblogic Server Version7.0.0.1
BeaWeblogic Server Version7.0.0.1 Editionexpress
BeaWeblogic Server Version7.0.0.1 Editionwin32
BeaWeblogic Server Version7.0.0.1 Updatesp1
BeaWeblogic Server Version7.0.0.1 Updatesp1 Editionexpress
BeaWeblogic Server Version7.0.0.1 Updatesp1 Editionwin32
BeaWeblogic Server Version7.0.0.1 Updatesp2
BeaWeblogic Server Version7.0.0.1 Updatesp2 Editionexpress
BeaWeblogic Server Version7.0.0.1 Updatesp2 Editionwin32
BeaWeblogic Server Version7.0.0.1 Updatesp3
BeaWeblogic Server Version7.0.0.1 Updatesp3 Editionexpress
BeaWeblogic Server Version7.0.0.1 Updatesp4
BeaWeblogic Server Version7.0.0.1 Updatesp4 Editionexpress
BeaWeblogic Server Version8.1
BeaWeblogic Server Version8.1 Editionexpress
BeaWeblogic Server Version8.1 Editionwin32
BeaWeblogic Server Version8.1 Updatesp1
BeaWeblogic Server Version8.1 Updatesp1 Editionexpress
BeaWeblogic Server Version8.1 Updatesp1 Editionwin32
BeaWeblogic Server Version8.1 Updatesp2
BeaWeblogic Server Version8.1 Updatesp2 Editionexpress
BeaWeblogic Server Version8.1 Updatesp2 Editionwin32
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.55% 0.651
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.5 8 4.9
AV:N/AC:L/Au:S/C:P/I:P/A:N