6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
34.0%
BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allows attackers to obtain the username and password for booting the server by directly accessing certain internal methods.
dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_55.00.jsp
secunia.com/advisories/11359
securitytracker.com/id?1009766
www.kb.cert.org/vuls/id/352110
www.osvdb.org/5296
www.securityfocus.com/bid/10133
exchange.xforce.ibmcloud.com/vulnerabilities/15865