Description
The WebLogic Server Administration Console in BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 displays the domain name in the Console login form, which allows remote attackers to obtain sensitive information.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26468
Patch, Vendor Advisory vendor-advisory
x_refsource_bea
http://dev2dev.bea.com/pub/advisory/190
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20130
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1828
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1016099
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1016097
Scores
EPSS
0.0032
EPSS Percentile
54.7%
Details
Status
published
Products (2)
bea/weblogic_server
7.0 (6 CPE variants)
bea/weblogic_server
8.1 (4 CPE variants)
Published
May 19, 2006
Tracked Since
Feb 18, 2026