Lucene search
HistoryOct 23, 2007 - 1:00 a.m.
CVE-2003-1437
cve-2003-1437
bea weblogic
plaintext password
vulnerability
nvd
6.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.2%
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
Affected configurations
Node
hphp-uxMatch11.00
ORhphp-uxMatch11.11iv1
ORibmaixMatch4.3.3
ORmicrosoftwindows_2000
ORmicrosoftwindows_nt
ORredhatlinuxMatch6.2i386
ORredhatlinuxMatch7.1i386
ORsunsolarisMatch2.6
ORsunsunosMatch5.7
ORsunsunosMatch5.8
beaweblogic_serverMatch7.0express
ORbeaweblogic_serverMatch7.0sp1express
ORbeaweblogic_serverMatch7.0.0.1express
ORbeaweblogic_serverMatch7.0.0.1sp1express
Node
hphp-uxMatch11.00
ORhphp-uxMatch11.11i
ORibmaixMatch4.3.3
ORmicrosoftwindows_2000
ORmicrosoftwindows_nt
ORredhatlinuxMatch6.2i386
ORredhatlinuxMatch7.1i386
ORsunsolarisMatch2.6
ORsunsunosMatch5.7
ORsunsunosMatch5.8
beaweblogic_serverMatch7.0
ORbeaweblogic_serverMatch7.0sp1
ORbeaweblogic_serverMatch7.0.0.1
ORbeaweblogic_serverMatch7.0.0.1sp1
Node
microsoftwindows_2000
ORmicrosoftwindows_nt
beaweblogic_serverMatch7.0
ORbeaweblogic_serverMatch7.0sp1
ORbeaweblogic_serverMatch7.0.0.1
ORbeaweblogic_serverMatch7.0.0.1sp1
| CPE | Name | Operator | Version |
|---|---|---|---|
| bea:weblogic_server | bea weblogic server | eq | 7.0 |
| bea:weblogic_server | bea weblogic server | eq | 7.0.0.1 |
6.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2003-1437