CVE-2005-4753 | Vulnerability Database | Aqua Security

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, in certain heavy usage scenarios, report incorrect severity levels for an audit event, which might allow attackers to perform unauthorized actions and avoid detection.

Affected Software

Name	Vendor	Start Version	End Version
Weblogic_server	Bea	7.0 (including)	7.0 (including)
Weblogic_server	Bea	7.0-sp1 (including)	7.0-sp1 (including)
Weblogic_server	Bea	7.0-sp2 (including)	7.0-sp2 (including)
Weblogic_server	Bea	7.0-sp3 (including)	7.0-sp3 (including)
Weblogic_server	Bea	7.0-sp4 (including)	7.0-sp4 (including)
Weblogic_server	Bea	7.0-sp5 (including)	7.0-sp5 (including)
Weblogic_server	Bea	7.0-sp6 (including)	7.0-sp6 (including)
Weblogic_server	Bea	8.1 (including)	8.1 (including)
Weblogic_server	Bea	8.1-sp1 (including)	8.1-sp1 (including)
Weblogic_server	Bea	8.1-sp2 (including)	8.1-sp2 (including)
Weblogic_server	Bea	8.1-sp3 (including)	8.1-sp3 (including)
Weblogic_server	Bea	8.1-sp4 (including)	8.1-sp4 (including)

References

http://dev2dev.bea.com/pub/advisory/143
http://secunia.com/advisories/17138
http://www.securityfocus.com/bid/15052

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4753
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html