VULHUB ™

Under some circumstances, BEA WebLogic Server and Express are prone to a weakness which may inadvertently cause security constraints to be removed. This issue occurs when applications containing Servlets or EJBs are deployed on multiple servers. When such an application is undeployed from one server, the specified security constraints and role mappings for Servlets or EJBs will be removed on all servers. The consequence of this weakness is that all Servlets or EJBs will be left exposed.

Under some circumstances, BEA WebLogic Server and Express are prone to a weakness which may inadvertently cause security constraints to be removed. This issue occurs when applications containing Servlets or EJBs are deployed on multiple servers. When such an application is undeployed from one server, the specified security constraints and role mappings for Servlets or EJBs will be removed on all servers. The consequence of this weakness is that all Servlets or EJBs will be left exposed.