Vulnerability Name: CVE-2004-1756 (CCN-15862)
Assigned: 2004-04-13
Published: 2004-04-13
Updated: 2017-07-11

Summary: BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers.

CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
  Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None
  Scope: Scope (S): Unchanged
  Impact Metrics: Confidentiality (C): None; Integrity (I): Low; Availability (A): None

CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
  Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None
  Impact Metrics: Confidentiality (C): None; Integrity (I): Partial; Availability (A): None

CVSS v2 Severity (CCN): 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
  Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None
  Impact Metrics: Confidentiality (C): None; Integrity (I): Partial; Availability (A): None
Vulnerability Type: CWE-Other
Vulnerability Consequences: Bypass Security

References:
  Source: MITRE; Type: CNA; CVE-2004-1756
  Source: CCN; Type: BEA Systems, Inc. Security Advisory (BEA04-54.00); Patches available to prevent user impersonation.
  Source: CONFIRM; Type: Patch, Vendor Advisory; http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_54.00.jsp
  Source: CCN; Type: SA11358; BEA WebLogic SSL Impersonation Vulnerability
  Source: SECUNIA; Type: Patch, Vendor Advisory; 11358
  Source: CCN; Type: SECTRACK ID: 1009765; BEA WebLogic Custom Trust Manager Flaw May Let Remote Users Impersonate Target Users or Servers
  Source: SECTRACK; Type: Patch, Vendor Advisory; 1009765
  Source: CCN; Type: CIAC Information Bulletin O-132; BEA WebLogic Server and Express Certificate Spoofing Vulnerability
  Source: CCN; Type: US-CERT VU#566390; BEA WebLogic Server fails to properly validate certificate chains
  Source: CERT-VN; Type: Patch, Third Party Advisory, US Government Resource; VU#566390
  Source: CCN; Type: OSVDB ID: 5298; BEA WebLogic 2-way SSL User / Server Impersonation
  Source: BID; Type: Patch, Vendor Advisory; 10132
  Source: CCN; Type: BID-10132; BEA WebLogic Server and WebLogic Express Certificate Chain User Impersonation Vulnerability
  Source: XF; Type: UNKNOWN; weblogic-trust-certificate-spoofing(15862)

Vulnerable Configuration:
  Configuration 1:
    cpe:/a:bea:weblogic_server:7.0:*:express:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:*:win32:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:7.0:sp4:win32:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:*:*:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:*:express:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:*:win32:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:sp1:win32:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:* OR
    cpe:/a:bea:weblogic_server:8.1:sp2:win32:*:*:*:*:*