CVE-2005-4760

CVE-2005-4760 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, when fullyDelegatedAuthorization is enabled for a servlet, does not cause servlet deployment to fail when failures occur in authorization or role providers, which might prevent the servlet from being "fully protected."

Learn more about our Web App Pen Testing.