WebLogic Servlets Multiple Vulnerabilities

high Nessus Plugin ID 11486

Synopsis

The remote web server is prone to an access control breach.

Description

The remote web server is WebLogic.

An internal management servlet that does not properly check user credentials can be accessed from outside, allowing an attacker to change user passwords and even upload or download any file on the remote server.

In addition to this, there is a flaw in WebLogic 7.0 that could allow users to delete empty subcontexts.

*** Note that Nessus only checked the version in the server banner,
*** so this might be a false positive.

Solution

- Apply Service Pack 2 Rolling Patch 3 on WebLogic 6.0
- Apply Service Pack 4 on WebLogic 6.1
- Apply Service Pack 2 on WebLogic 7.0 or 7.0.0.1

See Also

http://www.nessus.org/u?7b6e38fc

Plugin Details

Severity: High

ID: 11486

File Name: weblogic_adm_servlet.nasl

Version: 1.27

Type: remote

Family: CGI abuses

Published: 3/27/2003

Updated: 5/12/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:bea:weblogic_server

Required KB Items: www/weblogic

Exploit Ease: No exploit is required

Vulnerability Publication Date: 3/17/2003

Reference Information

CVE: CVE-2003-0151, CVE-2003-1095

BID: 7122, 7124, 7130, 7131