PT-2002-2858 · Bea · Bea Weblogic Express+1

Published: 2002-12-31 · Updated: 2008-09-10 · CVE-2002-2141

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: BEA WebLogic Server and Express versions 7.0 through 7.0.0.1
Description: The issue affects the security constraints and roles for Servlets and Enterprise JavaBeans (EJB) when running on multiple servers. If an application is undeployed on one server, the security constraints and roles are removed on all servers for the affected Servlets or EJB, potentially allowing remote attackers to conduct unauthorized activities.
Recommendations: For BEA WebLogic Server and Express versions 7.0 through 7.0.0.1, consider redeploying the application with the intended security constraints and roles to prevent unauthorized access. As a temporary workaround, restrict access to the affected Servlets and EJB until a proper fix can be applied.


Related identifiers

CVE-2002-2141

Affected products

Bea Weblogic Express
Bea Weblogic Server