BEA WebLogic Server 8.1 up to and including 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote malicious users to conduct a man-in-the-middle (MITM) attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bea weblogic server 8.1 |
||
bea weblogic server 9.0 |
||
bea weblogic server 9.1 |
||
bea weblogic server 9.2 |
||
bea weblogic server |