WebLogic Server contains a vulnerability that could result in the creation of new groups inheriting the privileges of a previously deleted group if members of the deleted group still exist.
BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating, securing, and managing distributed Java applications." The WebLogic Authentication provider is the default authentication mechanism and allows system administrators to manage users and group memberships. Under certain circumstances, members of one group may be unintentionally granted the privileges of a legacy group. If the legacy group had administrative access, then the new group would also inherit these privileges.
According to the BEA Security Advisory,
2. The system administrator then creates a second group (for example, Group2).
Even though Group2 is a new group, it has Group1 as a member. If Group1 has administrative privileges, now Group2 will also have administrative privileges even though it was never explicitly granted those privileges when it was created the second time.
The BEA Security Advisory states that the following versions of WebLogic Server and Express are affected by this vulnerability:
A group of users may be unintentionally granted administrative privileges.
UpgradeBEA has released an advisory to address this issue. According to the BEA Security Advisory, it is recommended that users take the following action:
This vulnerability was reported by BEA Systems Inc.
This document was written by Damon Morda.
|Date First Published:||2004-04-16|
|Date Last Updated:||2004-04-19 15:54 UTC|