Vulnerabilities > CVE-2006-0427 - Multiple vulnerability in BEA Weblogic Server 8.1/9.0

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

bea

NVD

Published: 2006-01-25

Updated: 2017-07-20

Summary

Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functionality that should have been restricted.

Vulnerable Configurations

Part	Description	Count
Application	Bea BEA Weblogic Server 8.1 BEA Weblogic Server 9.0	20

References

http://dev2dev.bea.com/pub/advisory/171
http://secunia.com/advisories/18592
http://securitytracker.com/id?1015528
http://www.osvdb.org/22774
http://www.securityfocus.com/bid/16358
http://www.vupen.com/english/advisories/2006/0313
https://exchange.xforce.ibmcloud.com/vulnerabilities/24291