Vulnerabilities > CVE-2003-1437 - Unspecified vulnerability in BEA Weblogic Server 7.0/7.0.0.1

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
hp
ibm
microsoft
redhat
sun
bea

Summary

BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.