Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1221


Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1221
Last Modified 10 Sep 2008 03:22:38
Published 31 Dec 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions.

Vulnerable Systems


  • Bea Weblogic Server 7.0

  • Bea Weblogic Server

  • Bea Weblogic Server 8.1


BID - 9034

BEA - BEA03-40.00

Last Updated: 27 May 2016 10:38:17