Design/Logic Flaw

2006-05-2310:06:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.5%

JSON

A recommended admin password reset mechanism for BEA WebLogic Server 8.1, when followed before October 10, 2005, causes the administrator password to be stored in cleartext in the domain directory, which could allow attackers to gain privileges.

CPENameOperatorVersion
weblogic_servereq8.1

CPE	Name	Operator	Version
	weblogic_server	eq	8.1

References

dev2dev.bea.com/pub/advisory/193

secunia.com/advisories/20130

securitytracker.com/id?1016101

www.vupen.com/english/advisories/2006/1828

exchange.xforce.ibmcloud.com/vulnerabilities/26460