Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2004-0715 |
Description: | The WebLogic Authentication provider for BEA WebLogic Server and WebLogic Express 8.1 through SP2 and 7.0 through SP4 does not properly clear member relationships when a group is deleted, which can cause a new group with the same name to have the members of the old group, which allows group members to gain privileges. |
Test IDs: | 1.3.6.1.4.1.25623.1.0.55678 |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0715 BugTraq ID: 10130 http://www.securityfocus.com/bid/10130 CERT/CC vulnerability note: VU#470470 http://www.kb.cert.org/vuls/id/470470 http://www.osvdb.org/5299 http://securitytracker.com/id?1009763 http://secunia.com/advisories/11356 XForce ISS Database: weblogic-authentication-gain-privileges(15861) https://exchange.xforce.ibmcloud.com/vulnerabilities/15861 |