Forum Thread: Oracle WebLogic Server Node Manager Security Bypass

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
Oracle WebLogic Server Node Manager Security Bypass

Secunia Oracle WebLogic Server Node Manager Security Bypass
Secunia Official 29th Apr, 2014 09:44
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
A vulnerability has been reported in Oracle WebLogic Server, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to an improper authentication mechanism within the "Node Manager" process (beasvc.exe) and can be exploited to invoke certain commands on an affected system.

The vulnerability is reported in version 10.3.2. Other versions may also be affected.

sunilvakharia RE: Oracle WebLogic Server Node Manager Security Bypass
Member 29th Apr, 2014 09:44
Score: 0
Posts: 2
User Since: 29th Apr 2014
System Score: N/A
Location: IN
Last edited on 29th Apr, 2014 09:44
Original advisory link is broken.
Was this reply relevant?
+0
-0