CVE-2003-1095
Summary
BEA WebLogic Server and Express 7.0 and 7.0.0.1, when using "memory" session persistence for web applications, does not clear authentication information when a web application is redeployed, which could allow users of that application to gain access without having to re-authenticate.
- LOW
- LOCAL
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published