CVE-2005-4762

BEA WebLogic Server & WebLogic Express <8.1 SP4 - Info Disclosure

Title source: llm
STIX 2.1

Description

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier sometimes stores the boot password in the registry in cleartext, which might allow local users to gain administrative privileges.

References (3)

Core 3
Core References
Patch, Vendor Advisory vendor-advisory x_refsource_bea
http://dev2dev.bea.com/pub/advisory/153
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15052
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17138

Scores

EPSS 0.0017
EPSS Percentile 38.4%

Details

Status published
Products (3)
bea/weblogic_server 6.1 (22 CPE variants)
bea/weblogic_server 7.0 (21 CPE variants)
bea/weblogic_server 8.1 (7 CPE variants)
Published Dec 31, 2005
Tracked Since Feb 18, 2026