← back
CVE-2004-2696

CVE-2004-2696

EPSS 1.3%
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user identity" to be used in an RMI call.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://dev2dev.bea.com/pub/advisory/59http://secunia.com/advisories/11865http://securitytracker.com/id?1010493https://exchange.xforce.ibmcloud.com/vulnerabilities/16421http://www.osvdb.org/7081http://www.securityfocus.com/bid/10545