4 matches found
Oracle WebLogic Remote Diagnosis Assistant rda_tfa_hrs Command Injection (CVE-2018-2616)
A command injection vulnerability exists in the web console of the Oracle WebLogic Remote Diagnosis Assistant. The vulnerability is due to a failure on the part of the application to properly parse input supplied to the rdatfahrs menu command...
Oracle WebLogic Remote Diagnosis Assistant rda_tfa_hrs Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle WebLogic. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processing of the...
Oracle WebLogic Remote Diagnosis Assistant Information Disclosure Vulnerability
This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle WebLogic Remote Diagnosis Server. The specific flaw exists within the Remote Diagnosis Assistant, which listens on TCP port 8888 when enabled. The issue results from unrestricted access to th...
Oracle WebLogic Remote Diagnosis Assistant rda_tfa_ref_date Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle WebLogic. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processing of the...