PT-2004-3586 · Bea · Bea Weblogic Server, Weblogic Express
Published: 2004-12-31 · Updated: 2017-07-29 · CVE-2004-2696
CVSS v2.0: 5.5 (Medium)
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
BEA WebLogic Server and WebLogic Express versions 6.1, 7.0, and 8.1
Description
The issue arises when BEA WebLogic Server and WebLogic Express use Remote Method Invocation (RMI) over the Internet Inter-ORB Protocol (IIOP) and fail to properly handle multiple logins by different users from the same client. As a result, an RMI call may be executed under an "unexpected user identity", i.e. the identity of a different user who logged in from that client.
Recommendations
For versions 6.1, 7.0, and 8.1, consider restricting access to RMI calls over IIOP to minimize the risk of exploitation until a proper fix is applied.
As a temporary workaround, consider implementing additional authentication mechanisms to ensure that the correct user identity is used in each RMI call.
Affected Products
- Bea Weblogic Server
- Weblogic Express