Vulnerability Description
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier, when Internet Inter-ORB Protocol (IIOP) is used, sometimes include a password in an exception message that is sent to a client or stored in a log file, which might allow remote attackers to perform unauthorized actions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bea | Weblogic Server | 6.1 |
References
- http://dev2dev.bea.com/pub/advisory/154
- http://secunia.com/advisories/17138Vendor Advisory
- http://www.securityfocus.com/bid/15052
- http://dev2dev.bea.com/pub/advisory/154
- http://secunia.com/advisories/17138Vendor Advisory
- http://www.securityfocus.com/bid/15052
FAQ
What is CVE-2005-4763?
CVE-2005-4763 is a vulnerability with a CVSS score of 7.5 (HIGH). BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier, when Internet Inter-ORB Protocol (IIOP) is used, sometimes include a password in an exceptio...
How severe is CVE-2005-4763?
CVE-2005-4763 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4763?
Check the references section above for vendor advisories and patch information. Affected products include: Bea Weblogic Server.