Improper access control vulnerability in the WLS Core component of Oracle Weblogic Server - CVE-2018-3191Deprecated |
ID: oval:org.secpod.oval:def:54570 | Date: (C)2019-05-09 (M)2021-07-08 |
Class: VULNERABILITY | Family: unix |
The host is installed with Oracle Weblogic Server 10.3.6.0, 12.1.3.0 or 12.2.1.3 and is prone to an improper access control vulnerability. A flaw is present in the application, which fails to handle unauthenticated network access. Successful exploitation allows an attacker with network access via T3 to compromise Oracle WebLogic Server.
Product: |
Oracle Weblogic Server |