7.0.0.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

bea

NVD

Published: 2003-12-31

Updated: 2024-11-20

Summary

BEA WebLogic Server 6.1, 7.0 and 7.0.0.1, when routing messages to a JMS target domain that is inaccessible, may leak the user's password when it throws a ResourceAllocationException.

Vulnerable Configurations

Part	Description	Count
Application	Bea BEA Weblogic Server 7.0 BEA Weblogic Server 6.1 BEA Weblogic Server 7.0.0.1	7

References

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-24.jsp
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-24.jsp
http://www.kb.cert.org/vuls/id/331937
http://www.kb.cert.org/vuls/id/331937
http://www.securityfocus.com/bid/6586
http://www.securityfocus.com/bid/6586
https://exchange.xforce.ibmcloud.com/vulnerabilities/11057
https://exchange.xforce.ibmcloud.com/vulnerabilities/11057