Information Disclosure Vulnerability in BEA WebLogic Server and WebLogic Express

Information Disclosure Vulnerability in BEA WebLogic Server and WebLogic Express

CVE-2003-1290 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote attackers to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI).

Learn more about our Web App Pen Testing.