CVE-2005-4754

BEA WebLogic Server & WebLogic Express <8.1 SP3 - Info Disclosure

Title source: llm
STIX 2.1

Description

BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow remote attackers to obtain sensitive information (intranet IP addresses) via unknown attack vectors involving "network address translation."

References (3)

Core 3
Core References
Patch, Vendor Advisory vendor-advisory x_refsource_bea
http://dev2dev.bea.com/pub/advisory/144
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15052
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17138

Scores

EPSS 0.0087
EPSS Percentile 75.5%

Details

Status published
Products (1)
bea/weblogic_server 8.1 (8 CPE variants)
Published Dec 31, 2005
Tracked Since Feb 18, 2026