Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1095


Vulnerability Score 4.6 4.6
CVE Id CVE-2003-1095
Last Modified 05 Sep 2008 04:36:01
Published 18 Mar 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



BEA WebLogic Server and Express 7.0 and, when using "memory" session persistence for web applications, does not clear authentication information when a web application is redeployed, which could allow users of that application to gain access without having to re-authenticate.

Vulnerable Systems


  • Bea Weblogic Server 7.0

  • Bea Weblogic Server


CERT-VN - VU#691153

XF - weblogic-app-reauthentication-bypass(11555)

BID - 7130

Last Updated: 27 May 2016 10:38:14