CVE-2007-0408

Name of the Vulnerable Software and Affected Versions BEA Weblogic Server versions 8.1 through 8.1 SP4

Description The issue arises from improper validation of client certificates when reusing cached connections. This allows remote attackers to gain access using an untrusted X.509 certificate.

Recommendations For BEA Weblogic Server versions 8.1 through 8.1 SP4, consider disabling the reuse of cached connections as a temporary workaround until a patch is available. Restrict access to sensitive areas of the server to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.