Lucene search
HistoryAug 16, 2005 - 4:00 a.m.
CVE-2003-1221
cve-2003-1221
bea
weblogic server
ssl
t3
security vulnerability
nvd
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
52.0%
BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions.
Affected configurations
Node
beaweblogic_serverMatch7.0
ORbeaweblogic_serverMatch7.0express
ORbeaweblogic_serverMatch7.0win32
ORbeaweblogic_serverMatch7.0sp1
ORbeaweblogic_serverMatch7.0sp1express
ORbeaweblogic_serverMatch7.0sp1win32
ORbeaweblogic_serverMatch7.0sp2
ORbeaweblogic_serverMatch7.0sp2express
ORbeaweblogic_serverMatch7.0sp2win32
ORbeaweblogic_serverMatch7.0sp3
ORbeaweblogic_serverMatch7.0sp3express
ORbeaweblogic_serverMatch7.0sp3win32
ORbeaweblogic_serverMatch7.0sp4win32
ORbeaweblogic_serverMatch7.0.0.1
ORbeaweblogic_serverMatch7.0.0.1express
ORbeaweblogic_serverMatch7.0.0.1win32
ORbeaweblogic_serverMatch7.0.0.1sp1
ORbeaweblogic_serverMatch7.0.0.1sp1express
ORbeaweblogic_serverMatch7.0.0.1sp1win32
ORbeaweblogic_serverMatch7.0.0.1sp2
ORbeaweblogic_serverMatch7.0.0.1sp2express
ORbeaweblogic_serverMatch7.0.0.1sp2win32
ORbeaweblogic_serverMatch8.1
ORbeaweblogic_serverMatch8.1express
ORbeaweblogic_serverMatch8.1sp1
ORbeaweblogic_serverMatch8.1sp1express
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
52.0%
Related for CVE-2003-1221