Описание
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges.
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0426
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24290
- http://dev2dev.bea.com/pub/advisory/170
- http://secunia.com/advisories/18592
- http://securitytracker.com/id?1015528
- http://www.osvdb.org/22775
- http://www.securityfocus.com/bid/16358
- http://www.vupen.com/english/advisories/2006/0313
EPSS
CVE ID
Связанные уязвимости
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges.
EPSS