Vulnerability Details : CVE-2004-2320
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
Vulnerability category: Cross site scripting (XSS)Information leak
Products affected by CVE-2004-2320
- cpe:2.3:a:bea:weblogic_server:5.1:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp11:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp2:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp9:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp1:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp10:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp4:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp5:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp6:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp7:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp12:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp3:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp8:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp6:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp1:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp2:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp10:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp12:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp8:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp9:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp3:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp7:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp4:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp3:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp1:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp2:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp4:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:*:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp3:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp6:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp2:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp5:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp6:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp1:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp5:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:*:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp4:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp1:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp12:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp3:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp8:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp11:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp2:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp5:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:*:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp11:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp13:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp4:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp7:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp10:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp13:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp13:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp6:win32:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:5.1:sp9:win32:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-2320
2.25%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 89 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-2320
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
CWE ids for CVE-2004-2320
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2004-2320
-
Red Hat 2008-03-05The Apache Software Foundation do not treat this as a security issue. A configuration change can be made to disable the ability to respond to HTTP TRACE requests if required. For more information please see: http://www.apacheweek.com/issues/03-01-24#news
References for CVE-2004-2320
-
http://www.kb.cert.org/vuls/id/867593
VU#867593 - Web servers enable HTTP TRACE method by defaultThird Party Advisory;US Government Resource
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/14959
-
http://www.securitytracker.com/alerts/2004/Jan/1008866.html
Patch
-
http://dev2dev.bea.com/pub/advisory/68
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/9506
WebLogic Server and Express HTTP TRACE Credential Theft VulnerabilityPatch
Jump to