Unspecified Vulnerability in BEA WebLogic Portal by BEA Systems
CVE-2005-2680

Currently unrated

Key Information:

Vendor: Oracle
Status: Weblogic Portal
Vendor: CVE Published:; 23 August 2005

What is CVE-2005-2680?

An unspecified vulnerability in BEA WebLogic Portal versions 8.1 through SP4 allows remote attackers to exploit entitlements functionality. By crafting specific URLs, attackers can bypass access restrictions, gaining unauthorized access to the content of a Book page. This flaw poses significant security risks, making it essential for organizations using the affected versions to address this vulnerability promptly.

References

http://dev2dev.bea.com/pub/advisory/137

vendor-advisoryx_refsource_BEA

Timeline

Vulnerability published
Aug 23, 2005
Vulnerability Reserved
Aug 23, 2005

Oracle

What is CVE-2005-2680?

References

Timeline