HomePentest-Tools.com Logo

BEA WebLogic Operator/Admin Password Disclosure Vulnerability CVE-2004-1757

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

BEA WebLogic Server and WebLogic Express are prone to a vulnerability that may result in the disclosure of Operator or Admin passwords.

Risk description

An attacker who has interactive access to the affected managed server, may potentially exploit this issue in a timed attack to harvest credentials when the managed server fails during the boot process.

Recommendation

The vendor has release updates. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 31, 2004
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available