BEA WebLogic Server and WebLogic Express 8.1 SP4 and previous versions, and 7.0 SP5 and previous versions, do not encrypt multicast traffic, which might allow remote malicious users to read sensitive cluster synchronization messages by sniffing the multicast traffic.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bea weblogic server 7.0 |
||
bea weblogic server 8.1 |