CVE-2005-4766

2022-10-0316:22:45

mitre

www.cve.org

bea weblogic

multicast traffic

vulnerability

versions 8.1

7.0

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.3%

JSON

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not encrypt multicast traffic, which might allow remote attackers to read sensitive cluster synchronization messages by sniffing the multicast traffic.

References

dev2dev.bea.com/pub/advisory/157

secunia.com/advisories/17138

www.securityfocus.com/bid/15052