Back to search
CVE-2004-2696
Published: Oct 6, 2007
Modified: Aug 8, 2024
PUBLISHED
Description
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user identity" to be used in an RMI call.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
11865
third-party-advisory
x_refsource_SECUNIA
weblogic-unexpected-user-identity(16421)
vdb-entry
x_refsource_XF
1010493
vdb-entry
x_refsource_SECTRACK
10545
vdb-entry
x_refsource_BID
BEA04-62.00
vendor-advisory
x_refsource_BEA
7081
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now