Loading
The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express and WebLogic Server 6.1 through SP7, 7.0 through SP7, 8.1 through SP5, 9.0, and 9.1, when SecureProxy is enabled, may process "external requests on behalf of a system identity," which allows remote attackers to access administrative data or functionality.
Cite this page
CVE-2007-2695. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2007-2695
Use Bea vendor hub and Weblogic Server product page to widen CVE-2007-2695 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2008-3257, CVE-2008-0897 and CVE-2008-0901 for nearby disclosures in the same product family.