CVE-2002-2141
First published: Tue Dec 31 2002(Updated: )
BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets and Enterprise JavaBeans (EJB) on more than one server, will remove the security constraints and roles on all servers for any Servlets or EJB that are used by an application that is undeployed on one server, which could allow remote attackers to conduct unauthorized activities in violation of the intended restrictions.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BEA Weblogic Server | =7.0 | |
| BEA Weblogic Server | =7.0.0.1 | |
| BEA Weblogic Server | =7.0.0.1 | |
| BEA Weblogic Server | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/event
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/bea
- canonical/bea weblogic server
- version/bea weblogic server/7.0
- version/bea weblogic server/7.0.0.1