CVE-2002-2141

BeA WebLogic Server and Express 7.0/7.0.0.1 running Servlets and EJB on multiple servers are vulnerable to a flaw that, when an application is undeployed on one server, causes removal of security constraints and roles on all servers for affected Servlets or EJBs. This could enable unauthorized ac...

CVE-2003-1224

BEA WebLogic Server/Express 7.0 and 7.0.0.1 are affected by CVE-2003-1224 due to a bug in the JDBCConnectionPoolRuntimeMBean where the password is displayed on screen in cleartext. This allows local observers to read a user’s password via shoulder surfing. The vulnerability is classified with a l...

CVE-2003-1224

Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing "shoulder surfing" the screen...

CVE-2004-1755

Technical details for CVE-2004-1755 are not publicly available in the provided documents. No affected products, impact specifics, or remediation are described here. Monitor for updates.

CVE-2003-1224

Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing "shoulder surfing" the screen...