Oracle WebLogic WLS Unspecified Vulnerability (CVE-2008-5461)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote Oracle WebLogic Server has an unspecified vulnerability.

Description :

According to its self-reported banner, the version of Oracle WebLogic
Server running on the remote host has an unspecified vulnerability in
WebLogic Console that can be exploited remotely and may allow
information disclosure and elevation of privileges.

See also :

http://www.oracle.com/technetwork/topics/security/2811-100497.html

Solution :

Upgrade and/or apply the appropriate patch as described in Oracle's
advisory.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 17743 ()

Bugtraq ID: 33177

CVE ID: CVE-2008-5461

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial