Vulnerability in Bea Weblogic_server

CVE-2005-1744

BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without having to log in again, which may be in vi…

EPSS: 0.021 (79.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

  • cve@mitre.org (vdb-entry, Broken Link, x_refsource_VUPEN)
  • cve@mitre.org (x_refsource_SECUNIA, Broken Link, Vendor Advisory, third-party-advisory)
  • cve@mitre.org (Product, vendor-advisory, x_refsource_BEA)
  • cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK, Broken Link)
  • cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, Broken Link, x_refsource_BID)

Frequently asked questions

What is CVE-2005-1744?
CVE-2005-1744 is a critical-severity vulnerability in Bea Weblogic_server, classified under Incomplete Cleanup. CVSS score: 9.8/10. Published 2005-05-24.
How severe is CVE-2005-1744?
Critical severity. CVSS v3 base score is 9.8 out of 10.