Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA WebLogic Server和WebLogic Express用户假冒漏洞
Vulnerability Description
BEA Systems WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。 BEA WebLogic Server和WebLogic Express存在安全问题,可导致用户信息错误。 部分代码执行路径可引起正确用户为不正确,尤其是当JNDI的初始会话过程重复地记录登录进来的用户时很可能发生这种情况,即使程序没有进行明确的执行登录。目前没有详细漏洞细节提供。
CVSS Information
N/A
Vulnerability Type
N/A