CVE-2008-0895

CVE-2008-0895

EPSS 2.2%

BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://dev2dev.bea.com/pub/advisory/265 http://secunia.com/advisories/29041 http://www.securitytracker.com/id?1019443 http://www.vupen.com/english/advisories/2008/0612/references