CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-4756

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not properly validate derived Principals with multiple PrincipalValidators, which might allow attackers to gain privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://dev2dev.bea.com/pub/advisory/146
http://secunia.com/advisories/17138
http://www.securityfocus.com/bid/15052
http://dev2dev.bea.com/pub/advisory/146
http://secunia.com/advisories/17138
http://www.securityfocus.com/bid/15052

Products affected by CVE-2005-4756

Bea » Weblogic Server » Version: 7.0

cpe:2.3:a:bea:weblogic_server:7.0
Bea » Weblogic Server » Version: 8.1

cpe:2.3:a:bea:weblogic_server:8.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-4756

Products

Pricing

Contact Us