[ERPSCAN-14-022] Oracle Weblogic Application Server – Authorization bypass
Application: Oracle Weblogic Application Server
Versions Affected: WebLogic Server 10.3.6.0/10.3.1.0, possibly others
Vendor URL: http://www.oracle.com
Bugs: Authorization bypass
Vendor response: 12.06.2014
Date of Public Advisory: 17.10.2014
Reference: Oracle CPU October 2014
Author: Alexey Tyurin (ERPScan)
Impact: Partial Authorization bypass (Directory listing, RCE for Windows OS)
Remotely Exploitable: Yes
Locally Exploitable: No
A remote attacker can conduct an Authorization Bypass attack against Oracle Weblogic Application Server and gain full control.
The vulnerability can lead to disclosure of information about the system without authentication and can help an attacker penetrate the system. An attacker can use the information obtained from this service for subsequent attacks, leading to unauthorized access to business-critical information.
WebLogic Server 10.3.6.0/10.3.1.0
Other versions are probably affected too, but they were not checked.
SOLUTIONS AND WORKAROUNDS
Apply the patch or set strong passwords for WebLogic accounts.
Proof of Concept