exploitDog

CVE-2002-2141

Опубликовано: 31 дек. 2002

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets and Enterprise JavaBeans (EJB) on more than one server, will remove the security constraints and roles on all servers for any Servlets or EJB that are used by an application that is undeployed on one server, which could allow remote attackers to conduct unauthorized activities in violation of the intended restrictions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:express:*:*:*:*:*

EPSS

Процентиль: 76%

0.00973

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jpwh-mhch-4w6m

github

больше 3 лет назад

BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets and Enterprise JavaBeans (EJB) on more than one server, will remove the security constraints and roles on all servers for any Servlets or EJB that are used by an application that is undeployed on one server, which could allow remote attackers to conduct unauthorized activities in violation of the intended restrictions.

EPSS

Процентиль: 76%

0.00973

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other