CVE-2007-2698

2007-05-16T01:19:00
ID CVE-2007-2698
Type cve
Reporter cve@mitre.org
Modified 2017-07-29T01:31:00

Description

The Administration Console in BEA WebLogic Server 9.0 may show plaintext Web Service attributes during configuration creation, which allows remote attackers to obtain sensitive credential information. The vendor has issued product updates to addresses these issues:

BEA WebLogic Server patches: http://commerce.bea.com/showallversions.jsp?family=WLS

BEA WebLogic Platform patches: http://commerce.bea.com/showallversions.jsp?family=WLP