Vulnerabilities > CVE-2004-2321 - Unspecified vulnerability in BEA Weblogic Server 8.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

bea

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.

Vulnerable Configurations

Part	Description	Count
Application	Bea BEA Weblogic Server 8.1	3

References

http://dev2dev.bea.com/pub/advisory/1
http://dev2dev.bea.com/pub/advisory/1
http://www.securityfocus.com/bid/9505
http://www.securityfocus.com/bid/9505
http://www.securitytracker.com/alerts/2004/Jan/1008867.html
http://www.securitytracker.com/alerts/2004/Jan/1008867.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/14962
https://exchange.xforce.ibmcloud.com/vulnerabilities/14962