Lucene search

[email protected]CVE-2005-4761

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-4761

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

bea

weblogic server

weblogic express

cve-2005-4761

security

vulnerability

nvd

7.1 High

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

15.1%

JSON

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier log the Java command line at server startup, which might include sensitive information (passwords or keyphrases) in the server log file when the -D option is used.

CPENameOperatorVersion
bea:weblogic_serverbea weblogic servereq8.1
bea:weblogic_serverbea weblogic servereq7.0
bea:weblogic_serverbea weblogic servereq6.1

CPE	Name	Operator	Version
bea:weblogic_server	bea weblogic server	eq	8.1
bea:weblogic_server	bea weblogic server	eq	7.0
bea:weblogic_server	bea weblogic server	eq	6.1

References

dev2dev.bea.com/pub/advisory/152

secunia.com/advisories/17138

www.securityfocus.com/bid/15052

7.1 High

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

15.1%

JSON

Related for CVE-2005-4761

cvelist1