Lucene search
HistoryOct 03, 2022 - 4:22 p.m.
CVE-2005-4753
cve-2005-4753
bea weblogic server
weblogic express
audit event
severity levels
unauthorized actions
detection
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.3%
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, in certain “heavy usage” scenarios, report incorrect severity levels for an audit event, which might allow attackers to perform unauthorized actions and avoid detection.
Affected configurations
Node
beaweblogic_serverMatch7.0
ORbeaweblogic_serverMatch7.0express
ORbeaweblogic_serverMatch7.0sp1
ORbeaweblogic_serverMatch7.0sp1express
ORbeaweblogic_serverMatch7.0sp2
ORbeaweblogic_serverMatch7.0sp2express
ORbeaweblogic_serverMatch7.0sp3
ORbeaweblogic_serverMatch7.0sp3express
ORbeaweblogic_serverMatch7.0sp4
ORbeaweblogic_serverMatch7.0sp4express
ORbeaweblogic_serverMatch7.0sp5
ORbeaweblogic_serverMatch7.0sp5express
ORbeaweblogic_serverMatch7.0sp6
ORbeaweblogic_serverMatch7.0sp6express
ORbeaweblogic_serverMatch8.1
ORbeaweblogic_serverMatch8.1express
ORbeaweblogic_serverMatch8.1sp1
ORbeaweblogic_serverMatch8.1sp1express
ORbeaweblogic_serverMatch8.1sp2
ORbeaweblogic_serverMatch8.1sp2express
ORbeaweblogic_serverMatch8.1sp3
ORbeaweblogic_serverMatch8.1sp3express
ORbeaweblogic_serverMatch8.1sp4
ORbeaweblogic_serverMatch8.1sp4express
| CPE | Name | Operator | Version |
|---|---|---|---|
| bea:weblogic_server | bea weblogic server | eq | 7.0 |
| bea:weblogic_server | bea weblogic server | eq | 8.1 |
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.3%
Related for CVE-2005-4753