CVE-2005-4757

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 31/12/05 - Updated on 27/09/18

Description

BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" (slash) servlet root URL pattern, which might allow remote attackers to bypass intended servlet protections.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2005-4757

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
beaweblogic_server

Share this vulnerability with:

Twitter Facebook LinkedIn Mail