CVE-2005-1747

Name of the Vulnerable Software and Affected Versions BEA WebLogic Server and Express versions 7.0 through Service Pack 6 BEA WebLogic Server and Express versions 8.1 through Service Pack 4

Description The issue allows remote attackers to inject arbitrary web script or HTML, and possibly gain administrative privileges. This can be achieved via the j username or j password parameters in the login page (LoginForm.jsp), parameters to the error page in the Administration Console, unknown vectors in the Server Console while the administrator has an active session to obtain the ADMINCONSOLESESSION cookie, or an alternate vector in the Server Console that does not require an active session but also leaks the username and password.

Recommendations For BEA WebLogic Server and Express versions 7.0 through Service Pack 6, update to a version later than Service Pack 6 to resolve the issue. For BEA WebLogic Server and Express versions 8.1 through Service Pack 4, update to a version later than Service Pack 4 to resolve the issue. As a temporary workaround, consider restricting access to the login page (LoginForm.jsp) and the Administration Console to minimize the risk of exploitation. Avoid using the j username and j password parameters in the login page until the issue is resolved.