Vulnerability Details CVE-2005-4760
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, when fullyDelegatedAuthorization is enabled for a servlet, does not cause servlet deployment to fail when failures occur in authorization or role providers, which might prevent the servlet from being "fully protected."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.9%
CVSS Severity
CVSS v2 Score 5.1
References
Products affected by CVE-2005-4760
-
cpe:2.3:a:bea:weblogic_server:7.0
-
cpe:2.3:a:bea:weblogic_server:8.1