Bea: >> Weblogic Server >> 10.0 Security Vulnerabilities
The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage).
CVSS Score
5.0
EPSS Score
0.011
Published
2007-01-23
Unspecified vulnerability in the BEA WebLogic Server proxy plug-in for Netscape Enterprise Server before September 2006 for Netscape Enterprise Server allow remote attackers to cause a denial of service via certain requests that trigger errors that lead to a server being marked as unavailable, hosting web server failure, or CPU consumption.
CVSS Score
5.0
EPSS Score
0.011
Published
2007-01-23
BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges.
CVSS Score
10.0
EPSS Score
0.006
Published
2003-08-27
Page 2