CVE-2005-1748Weblogic Server vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.7%
top 26.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
BEA Weblogic ServerOracle Weblogic Portal
Timeline
PublishedMay 24
Latest updateMay 1

Description

The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote attackers to view user entries or cause a denial of service.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDbea/weblogic_server5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-92xh-w9hh-vw59: The embedded LDAP server in BEA WebLogic Server and Express 82022-05-01
CVEList
CVE-2005-1748: The embedded LDAP server in BEA WebLogic Server and Express 82005-05-24
CVE-2005-1748 — BEA Weblogic Server vulnerability | cvebase