Vulnerabilities > CVE-2003-1221 - Denial of Service and Information Disclosure vulnerability in BEA Weblogic Server 7.0/7.0.0.1/8.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 26 |