Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7, when a Java client application creates an SSL connection to the server after it has already created an insecure connection, will use the insecure connection, which allows remote attackers to sniff the connection.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA WebLogic Server和WebLogic Express 远程攻击漏洞
Vulnerability Description
BEA WebLogic Server和WebLogic Express 8.1至SP4版本、7.0至SP6版本和6.1至SP7版本,当一个Jave客户端应用程序创建了一个到服务器的不安全连接之后再次创建到服务器的SSL连接时,此系统将会使用不安全的连接,这使得远程攻击者可以窥探到此连接的信息。
CVSS Information
N/A
Vulnerability Type
N/A