Vulnerability Description
BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role to "shrink or reset JDBC connection pools."
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bea | Weblogic Server | 6.0 |
| Oracle | Weblogic Portal | 8.0 |
References
- http://dev2dev.bea.com/pub/advisory/125Vendor Advisory
- http://secunia.com/advisories/15486Vendor Advisory
- http://securitytracker.com/id?1014049
- http://www.securityfocus.com/bid/13717
- http://www.vupen.com/english/advisories/2005/0602
- http://dev2dev.bea.com/pub/advisory/125Vendor Advisory
- http://secunia.com/advisories/15486Vendor Advisory
- http://securitytracker.com/id?1014049
- http://www.securityfocus.com/bid/13717
- http://www.vupen.com/english/advisories/2005/0602
FAQ
What is CVE-2005-1742?
CVE-2005-1742 is a vulnerability with a CVSS score of 5.0 (MEDIUM). BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role to "shrink or reset JDBC connection pools."
How severe is CVE-2005-1742?
CVE-2005-1742 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1742?
Check the references section above for vendor advisories and patch information. Affected products include: Bea Weblogic Server, Oracle Weblogic Portal.