Oracle WebLogic Server Web Services Security Policy not Enforced (CVE-2008-5459)
Medium Nessus Plugin ID 57040
SynopsisThe remote Oracle WebLogic Server has an unspecified vulnerability.
DescriptionAccording to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified vulnerability that could allow a remote, unauthenticated attacker to disable enforcement of security policies for the web services. Such an attack could have a partial impact on confidentiality.
SolutionUpgrade and/or apply the appropriate patch as described in Oracle's advisory.