7.0.0.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

bea

NVD

Published: 2003-12-31

Updated: 2024-11-20

Summary

BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.

Vulnerable Configurations

Part	Description	Count
OS	Hp HP HP UX 11.00 HP HP UX 11.11I	3
OS	Ibm IBM AIX 4.3.3	1
OS	Microsoft Microsoft Windows 2000 * Microsoft Windows NT *	2
OS	Redhat Redhat Linux 6.2 Redhat Linux 7.1	2
OS	Sun SUN Solaris 2.6 SUN Sunos 5.7 SUN Sunos 5.8	3
Application	Bea BEA Weblogic Server 7.0 BEA Weblogic Server 7.0.0.1	8

References

http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp
http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp
http://www.securityfocus.com/bid/6719
http://www.securityfocus.com/bid/6719
https://exchange.xforce.ibmcloud.com/vulnerabilities/11220
https://exchange.xforce.ibmcloud.com/vulnerabilities/11220