CVE-2005-1744

{"id": "CVE-2005-1744", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2005-05-24T04:00:00.000", "references": [{"url": "http://dev2dev.bea.com/pub/advisory/127", "tags": ["Product"], "source": "[email protected]"}, {"url": "http://secunia.com/advisories/15486", "tags": ["Broken Link", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://securitytracker.com/id?1014049", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/13717", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "[email protected]"}, {"url": "http://www.vupen.com/english/advisories/2005/0604", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "http://dev2dev.bea.com/pub/advisory/127", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/15486", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1014049", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/13717", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2005/0604", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-459"}]}], "descriptions": [{"lang": "en", "value": "BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without having to log in again, which may be in violation of newly changed security constraints or role mappings."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bea:weblogic_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "767A0007-20E7-4E77-ACA9-2A812433B509", "versionEndIncluding": "7.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}