Detections
Analytics
BEA WebLogic < 8.1 SP5 Multiple Vulnerabilities
medium Nessus Network Monitor Plugin ID 2862
Synopsis
The remote host is vulnerable to multiple attack vectors.Description
The remote host is running a version of BEA WebLogic Server or WebLogic Express that is prone to multiple vulnerabilities. These flaws could lead to buffer overflows, denial of service, unauthorized access, cross-site scripting attacks, and information disclosure.Solution
Upgrade to WebLogic 8.1.0 SP5 or higher.See Also
http://web.archive.org/web/20070211133850/dev2dev.bea.com/pub/advisory/125
http://web.archive.org/web/20070211133850/dev2dev.bea.com/pub/advisory/126
http://web.archive.org/web/20070211133850/dev2dev.bea.com/pub/advisory/127
http://web.archive.org/web/20070211133850/dev2dev.bea.com/pub/advisory/128
http://web.archive.org/web/20070211133850/dev2dev.bea.com/pub/advisory/129
http://web.archive.org/web/20070404224518/dev2dev.bea.com/pub/advisory/130
http://web.archive.org/web/20070404224518/dev2dev.bea.com/pub/advisory/132
http://web.archive.org/web/20070404224518/dev2dev.bea.com/pub/advisory/135
http://web.archive.org/web/20070404224518/dev2dev.bea.com/pub/advisory/137
Plugin Details
Severity: Medium
ID: 2862
Family: Web Servers
Published: 4/26/2005
Updated: 3/6/2019
Nessus ID: 18365
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 5.8
Temporal Score: 5
Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: Medium
Base Score: 6.3
Temporal Score: 6
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:bea:weblogic_server
Reference Information
CVE: CVE-2005-1380, CVE-2005-1742, CVE-2005-1743, CVE-2005-1744, CVE-2005-1745, CVE-2005-1746, CVE-2005-1747, CVE-2005-1748, CVE-2005-1749