Vulnerabilities > CVE-2007-2698 - Remote Security vulnerability in BEA Weblogic Server 9.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The Administration Console in BEA WebLogic Server 9.0 may show plaintext Web Service attributes during configuration creation, which allows remote attackers to obtain sensitive credential information. The vendor has issued product updates to addresses these issues: BEA WebLogic Server patches: http://commerce.bea.com/showallversions.jsp?family=WLS BEA WebLogic Platform patches: http://commerce.bea.com/showallversions.jsp?family=WLP
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |