Vulnerabilities > CVE-2000-1238 - Unspecified vulnerability in BEA Weblogic Server 5.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages. This vulnerability is addressed in the following product releases: BEA Systems Weblogic Server 5.1 SP 7 BEA Systems WebLogic Express 5.1 SP 7
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 14 |