CVE-2007-0409

2007-01-23T00:28:00
ID CVE-2007-0409
Type cve
Reporter cve@mitre.org
Modified 2011-03-08T02:49:00

Description

BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users to read the cleartext password.