Remote Code Execution Risk in BEA Product Suite WebLogic Server
CVE-2009-3396

Currently unrated

Key Information:

Vendor: Oracle
Status: Bea Product Suite
Vendor: CVE Published:; 22 October 2009

Summary

A vulnerability exists in the WebLogic Server component of the BEA Product Suite, affecting several versions. This flaw permits remote attackers to compromise the integrity of the system via the WLS Console, potentially allowing unauthorized actions and manipulation of sensitive information. It is crucial for users of affected versions to apply necessary patches and security measures to mitigate exposure to these risks.

References

http://www.securityfocus.com/bid/36766

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1023062

vdb-entryx_refsource_SECTRACK

http://www.us-cert.gov/cas/techalerts/TA09-294A.html

third-party-advisoryx_refsource_CERT

Timeline

Vulnerability published
Oct 22, 2009
Vulnerability Reserved
Sep 25, 2009