Vulnerability in Bea Weblogic_server
CVE-2005-1744
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without having to log in again, which may be in vi…
EPSS: 0.021 (79.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Bea Weblogic_server
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, Broken Link, x_refsource_VUPEN)
- cve@mitre.org (x_refsource_SECUNIA, Broken Link, Vendor Advisory, third-party-advisory)
- cve@mitre.org (Product, vendor-advisory, x_refsource_BEA)
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK, Broken Link)
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, Broken Link, x_refsource_BID)
Frequently asked questions
- What is CVE-2005-1744?
- CVE-2005-1744 is a critical-severity vulnerability in Bea Weblogic_server, classified under Incomplete Cleanup. CVSS score: 9.8/10. Published 2005-05-24.
- How severe is CVE-2005-1744?
- Critical severity. CVSS v3 base score is 9.8 out of 10.