BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote attackers to obtain access via an untrusted X.509 certificate.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00553
Percentile: 0.67025

CVSS Scoring

Affected Products

• cpe:2.3:a:bea:weblogic_server:*:sp4:*:*:*:*:*:*
• cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*

← Back to Home