Lucene search
K

86 matches found

OSV
OSV
added 2017/12/01 3:29 p.m.4 views

CVE-2017-15702

In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider tha...

9.8CVSS5.8AI score0.06214EPSS
Exploits0References4
CVE
CVE
added 2006/01/25 11:0 p.m.46 views

CVE-2006-0423

BEA WebLogic Portal 8.1 through SP3 stores the RDBMS Authentication provider password in cleartext in config.xml, allowing privilege escalation. Affected component: WebLogic Portal configuration for RDBMS auth. Root cause: cleartext password storage in config.xml. Impact: partial confidentiality ...

7.5CVSS7AI score0.03642EPSS
Exploits0References9Affected Software1
securityvulns
securityvulns
added 2006/01/24 12:0 a.m.39 views

[SA18593] BEA WebLogic Portal Information Disclosure and Security Bypass

TITLE: BEA WebLogic Portal Information Disclosure and Security Bypass SECUNIA ADVISORY ID: SA18593 VERIFY ADVISORY: http://secunia.com/advisories/18593/ CRITICAL: Moderately critical IMPACT: Security Bypass, Exposure of system information, Exposure of sensitive information WHERE: From remote...

0.2AI score
Exploits0
NVD
NVD
added 2004/07/27 4:0 a.m.19 views

CVE-2004-0715

The WebLogic Authentication provider for BEA WebLogic Server and WebLogic Express 8.1 through SP2 and 7.0 through SP4 does not properly clear member relationships when a group is deleted, which can cause a new group with the same name to have the members of the old group, which allows group membe...

5.1CVSS6.8AI score0.02312EPSS
Exploits0References7
Cvelist
Cvelist
added 2004/07/21 4:0 a.m.21 views

CVE-2004-0715

The WebLogic Authentication provider for BEA WebLogic Server and WebLogic Express 8.1 through SP2 and 7.0 through SP4 does not properly clear member relationships when a group is deleted, which can cause a new group with the same name to have the members of the old group, which allows group membe...

6.8AI score0.02312EPSS
Exploits0References7
CERT
CERT
added 2004/04/16 12:0 a.m.22 views

BEA WebLogic Server fails to properly associate re-created groups

Overview WebLogic Server contains a vulnerability that could result in the creation of new groups inheriting the privileges of a previously deleted group if members of the deleted group still exist. Description BEA Systems describes WebLogic Server as "an industrial-strength application...

7.2AI score
Exploits0References3
Rows per page
Query Builder