Oracle WebLogic Portal Elevation of Privilege (CVE-2008-5462)

Medium Nessus Plugin ID 17771


The remote Oracle WebLogic Server has an unspecified privilege elevation vulnerability.


According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified privilege elevation vulnerability in the portal component that could be exploited remotely.


Upgrade and / or apply the appropriate patch as described in Oracle's advisory.

See Also

Plugin Details

Severity: Medium

ID: 17771

File Name: weblogic_portal_elevation_privilege.nasl

Version: $Revision: 1.11 $

Type: remote

Family: Web Servers

Published: 2012/01/10

Modified: 2015/07/17

Dependencies: 56979

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:bea:weblogic_server, cpe:/a:oracle:weblogic_server

Required KB Items: www/weblogic

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/01/14

Vulnerability Publication Date: 2009/01/14

Exploitable With

Elliot (Oracle Secure Backup RCE (Windows))

Reference Information

CVE: CVE-2008-5462

BID: 33177

OSVDB: 51316

CWE: 264