Vulnerability Details CVE-2005-1748
The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote attackers to view user entries or cause a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://dev2dev.bea.com/pub/advisory/131
- http://secunia.com/advisories/15486
- http://securitytracker.com/id?1014049
- http://www.securityfocus.com/bid/13717
- http://www.vupen.com/english/advisories/2005/0608
- http://dev2dev.bea.com/pub/advisory/131
- http://secunia.com/advisories/15486
- http://securitytracker.com/id?1014049
- http://www.securityfocus.com/bid/13717
- http://www.vupen.com/english/advisories/2005/0608
Products affected by CVE-2005-1748
-
cpe:2.3:a:bea:weblogic_server:6.0
-
cpe:2.3:a:bea:weblogic_server:6.1
-
cpe:2.3:a:bea:weblogic_server:7.0
-
cpe:2.3:a:bea:weblogic_server:7.0.0.1
-
cpe:2.3:a:bea:weblogic_server:8.1
-
cpe:2.3:a:oracle:weblogic_portal:8.0