Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA WebLogic Server和Express SSL客户端权限提升漏洞
Vulnerability Description
BEA Systems WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。 BEA Systems WebLogic Server和Express存在一个安全问题,允许SSL客户端提升自己的权限。 WEB服务客户端代码由于存在一个编码错误,WEB服务fat客户端通过双向SSL使用不同客户端证书连接相同weblogic服务器时,其他不正确的用户身份可用于后续的连接。目前没有详细漏洞细节提供。
CVSS Information
N/A
Vulnerability Type
N/A