Vulnerabilities > CVE-2004-0713 - Denial Of Service vulnerability in BEA Weblogic Server 6.1/7.0/8.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The remove method in a stateful Enterprise JavaBean (EJB) in BEA WebLogic Server and WebLogic Express version 8.1 through SP2, 7.0 through SP4, and 6.1 through SP6, does not properly check EJB permissions before unexporting a bean, which allows remote authenticated users to remove EJB objects from remote views before the security exception is thrown.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 44 |