HTTP Request Buffering Vulnerability in BEA WebLogic Server and Express 6.1 through 7.0.0.1

HTTP Request Buffering Vulnerability in BEA WebLogic Server and Express 6.1 through 7.0.0.1

CVE-2002-2177 · LOW Severity

AV:N/AC:H/AU:N/C:P/I:N/A:N

BEA WebLogic Server and Express 6.1 through 7.0.0.1 buffers HTTP requests in a way that can cause BEA to send the same response for two different HTTP requests, which could allow remote attackers to obtain sensitive information that was intended for other users.

Learn more about our Web App Pen Testing.