Back to search
CVE-2002-2141
Published: Nov 16, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets and Enterprise JavaBeans (EJB) on more than one server, will remove the security constraints and roles on all servers for any Servlets or EJB that are used by an application that is undeployed on one server, which could allow remote attackers to conduct unauthorized activities in violation of the intended restrictions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
weblogic-servlet-ejb-security-removal(10291)
vdb-entry
x_refsource_XF
5846
vdb-entry
x_refsource_BID
BEA02-21.00
vendor-advisory
x_refsource_BEA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now