Oracle WebLogic Server Multiple Vulnerabilities (July 2015 CPU)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

An application server installed on the remote host is affected by
multiple vulnerabilities.

Description :

The version of Oracle WebLogic Server installed on the remote host is
affected by multiple vulnerabilities :

- An unspecified flaw exists related to the Java Server
Faces subcomponent. A remote attacker can exploit this
to affect the integrity of the system. (CVE-2015-2623)

- An unspecified flaw exists related to the Java Server
Faces and Web Container subcomponents. A remote attacker
can exploit this to affect the integrity of the system.
(CVE-2015-4744)

See also :

http://www.nessus.org/u?d18c2a85

Solution :

Apply the appropriate patch according to the July 2015 Oracle Critical
Patch Update advisory.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: Misc.

Nessus Plugin ID: 84823 ()

Bugtraq ID: 75848
75859

CVE ID: CVE-2015-2623
CVE-2015-4744

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now