ISS X-Force Database: weblogic-jmsmessagebridge-security-bypass(34287): BEA WebLogic Server JMS Message Bridge security bypass

BEA WebLogic Server JMS Message Bridge security bypass

weblogic-jmsmessagebridge-security-bypass (34287)

Medium Risk

Description:

The BEA WebLogic Server could allow a remote authenticated attacker to bypass security restrictions, caused by an error that can occur if the JMS Message Bridge is configured without a destination username and password. A remote attacker could exploit this vulnerability to bypass security restrictions and send unauthorized messages to a secured queue.

Platforms Affected:

BEA, WebLogic Server 7.0 SP2
BEA, WebLogic Server 7.0 SP1
BEA, WebLogic Server 7.0
BEA, WebLogic Server 7.0 SP7
BEA, WebLogic Server 7.0 SP6
BEA, WebLogic Server 7.0 SP4
BEA, WebLogic Server 7.0 SP3
BEA, WebLogic Server 7.0 SP5
BEA, WebLogic Server 8.1 SP5
BEA, WebLogic Server 8.1 SP4
BEA, WebLogic Server 8.1 SP1
BEA, WebLogic Server 8.1
BEA, WebLogic Server 8.1 SP2
BEA, WebLogic Server 8.1 SP3

Remedy:

Refer to BEA07-165.00 for patch and upgrade information. See References.

Consequences:

Bypass Security

References:

BEA07-165.00, WebLogic JMS Message Bridge not enforcing proper credentials to access a protected queue at https://support.bea.com/application_content/product_portlets/securityadvisories/234.html.
BID-23979: Multiple BEA WebLogic Applications Multiple Vulnerabilities
CVE-2007-2701: The JMS Message Bridge in BEA WebLogic Server 7.0 through SP7 and 8.1 through Service Pack 6, when configured without a username and password, or when the connection URL is not defined, allows remote attackers to bypass the security access policy and send unauthorized messages to a protected queue.
SA25284: BEA Products Multiple Vulnerabilities
SECTRACK ID: 1018057: BEA WebLogic Server Multiple Bugs Let Remote Users Deny Service, Gain Elevated Privileges
VUPEN/ADV-2007-1815: BEA Products Multiple Security Bypass and Information Disclosure Vulnerabilities

Reported:

May 14, 2007

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page