Vulnerabilities > CVE-2004-0711 - Unspecified vulnerability in BEA Weblogic Server 7.0/8.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" as wildcards as if they were the legal "/*" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 21 |