Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2005-4765
HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-4765

2022-10-0316:22:46
[email protected]
web.nvd.nist.gov
21
cve-2005-4765
bea weblogic
remote attack
sniffing
security vulnerability
nvd

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.5%

JSON

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 SP6 and earlier, when using the weblogic.Deployer command with the t3 protocol, does not use the secure t3s protocol even when an Administration port is enabled on the Administration server, which might allow remote attackers to sniff the connection.

Affected configurations

NVD
Node
beaweblogic_serverMatch7.0
OR
beaweblogic_serverMatch7.0express
OR
beaweblogic_serverMatch7.0win32
OR
beaweblogic_serverMatch7.0sp1
OR
beaweblogic_serverMatch7.0sp1express
OR
beaweblogic_serverMatch7.0sp1win32
OR
beaweblogic_serverMatch7.0sp2
OR
beaweblogic_serverMatch7.0sp2express
OR
beaweblogic_serverMatch7.0sp2win32
OR
beaweblogic_serverMatch7.0sp3
OR
beaweblogic_serverMatch7.0sp3express
OR
beaweblogic_serverMatch7.0sp3win32
OR
beaweblogic_serverMatch7.0sp4
OR
beaweblogic_serverMatch7.0sp4express
OR
beaweblogic_serverMatch7.0sp4win32
OR
beaweblogic_serverMatch7.0sp5
OR
beaweblogic_serverMatch7.0sp5express
OR
beaweblogic_serverMatch7.0sp5win32
OR
beaweblogic_serverMatch7.0sp6
OR
beaweblogic_serverMatch7.0sp6express
OR
beaweblogic_serverMatch7.0sp6win32
OR
beaweblogic_serverMatch8.1
OR
beaweblogic_serverMatch8.1express
OR
beaweblogic_serverMatch8.1win32
OR
beaweblogic_serverMatch8.1sp1
OR
beaweblogic_serverMatch8.1sp1express
OR
beaweblogic_serverMatch8.1sp1win32
OR
beaweblogic_serverMatch8.1sp2
OR
beaweblogic_serverMatch8.1sp2express
OR
beaweblogic_serverMatch8.1sp2win32
OR
beaweblogic_serverMatch8.1sp3
OR
beaweblogic_serverMatch8.1sp3express
OR
beaweblogic_serverMatch8.1sp3win32
OR
beaweblogic_serverMatch8.1sp4
OR
beaweblogic_serverMatch8.1sp4express
OR
beaweblogic_serverMatch8.1sp4win32

Related

cvelist 1
nvd 1
cvelist
cvelist
CVE-2005-4765
2022-10-03 16:22:46
nvd
nvd
CVE-2005-4765
2005-12-31 05:00:00

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.5%

JSON
Related for CVE-2005-4765
cvelist1nvd1