Skip to main content

CVE-2005-4766

Severity Medium
Score 5.4/10

Summary

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not encrypt multicast traffic, which might allow remote attackers to read sensitive cluster synchronization messages by sniffing the multicast traffic.

  • HIGH
  • NETWORK
  • NONE
  • NONE
  • COMPLETE
  • NONE

References

Advisory Timeline

  • Published