PT-2008-2512 · Bea · Bea Weblogic Server

Published 2008-02-22 · Updated 2011-03-08 · CVE-2008-0898

CVSS v2.0: 5.8 Medium

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

BEA WebLogic Server versions 9.0 through 10.0

Description

The distributed queue feature in JMS does not properly handle the case where a client cannot send a message to a member of a distributed queue, allowing remote authenticated users to bypass intended access restrictions for protected distributed queues.

Recommendations

For BEA WebLogic Server versions 9.0 through 10.0, consider restricting access to the distributed queue feature until a proper fix is applied to handle client message sending failures. As a temporary workaround, review and adjust the configurations to minimize the risk of exploitation.

Related Identifiers

CVE-2008-0898

Affected Products

Bea Weblogic Server