CVE-2004-0471

N/A Unknown
Published: July 07, 2004 Modified: April 16, 2026
View on NVD

Description

BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in the Admin and Operator security roles, which allows unauthorized users to cause a denial of service (service shutdown).

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_60.00.jsp
Source: cve@mitre.org
Patch Vendor Advisory
http://secunia.com/advisories/11594
Source: cve@mitre.org
http://securitytracker.com/id?1010129
Source: cve@mitre.org
http://www.osvdb.org/6077
Source: cve@mitre.org
http://www.securityfocus.com/bid/10327
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/16121
Source: cve@mitre.org
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_60.00.jsp
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://secunia.com/advisories/11594
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1010129
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/6077
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/10327
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/16121
Source: af854a3a-2127-422b-91ae-364da2661108

12 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.1%
20th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

bea