Vulnerability in Bea Weblogic_server
CVE-2005-1748
The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote attackers to view user entries or cause a denial of service.
EPSS: 0.026 (83.6th percentile) — read the EPSS interpretation.
Affected products
- Bea Weblogic_server — versions 6.0, 6.1, 7.0
- Oracle Weblogic_portal — versions 8.0
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vendor-advisory, x_refsource_BEA, Vendor Advisory)