Weblogic Server@7.0.0.1 Security Vulnerabilities and Issues — Weblogic Server@7.0.0.1 CVE List

Lucene search

BeaWeblogic Server7.0.0.1

4 matches found

CVE•added 2007/10/23 1:0 a.m.•39 views

CVE-2003-1437

BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.

2.1CVSS6.9AI score0.00033EPSS

CVE•added 2007/10/18 9:17 p.m.•34 views

CVE-2007-5576

BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls commands.

6.8CVSS6.3AI score0.00602EPSS

CVE•added 2007/10/23 1:0 a.m.•32 views

CVE-2003-1438

Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, when using in-memory session replication or replicated stateful session beans, causes the same buffer to be provided to two users, which could allow one user to see session data that was intended for another user.

4.3CVSS7.2AI score0.00254EPSS

CVE•added 2007/10/06 9:0 p.m.•29 views

CVE-2004-2696

BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user identity" to be used in...

5.5CVSS7AI score0.00545EPSS