6.5 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
58.3%
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not encrypt multicast traffic, which might allow remote attackers to read sensitive cluster synchronization messages by sniffing the multicast traffic.
dev2dev.bea.com/pub/advisory/157
secunia.com/advisories/17138
www.securityfocus.com/bid/15052