CVE-2004-0471
published 2004-07-07CVE-2004-0471: BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in…
PriorityP48low2.1CVSS 2.0
AVLACLAuNCNINAP
EPSS
0.40%
31.9th percentile
BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in the Admin and Operator security roles, which allows unauthorized users to cause a denial of service (service shutdown).
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bea | weblogic_server | — | — |
| bea | weblogic_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_60.00.jsphttp://secunia.com/advisories/11594http://securitytracker.com/id?1010129http://www.osvdb.org/6077http://www.securityfocus.com/bid/10327https://exchange.xforce.ibmcloud.com/vulnerabilities/16121http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_60.00.jsphttp://secunia.com/advisories/11594http://securitytracker.com/id?1010129http://www.osvdb.org/6077http://www.securityfocus.com/bid/10327https://exchange.xforce.ibmcloud.com/vulnerabilities/16121
2004-07-07
Published