CVE-2004-0652

2004-07-1304:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.0%

JSON

BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allows attackers to obtain the username and password for booting the server by directly accessing certain internal methods.

References

dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_55.00.jsp

secunia.com/advisories/11359

securitytracker.com/id?1009766

www.kb.cert.org/vuls/id/352110

www.osvdb.org/5296

www.securityfocus.com/bid/10133

exchange.xforce.ibmcloud.com/vulnerabilities/15865