CVE-2004-2321

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.

Ссылки

http://dev2dev.bea.com/pub/advisory/1
Patch
Vendor Advisory
http://www.securityfocus.com/bid/9505
Patch
http://www.securitytracker.com/alerts/2004/Jan/1008867.html
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/14962
http://dev2dev.bea.com/pub/advisory/1
Patch
Vendor Advisory
http://www.securityfocus.com/bid/9505
Patch
http://www.securitytracker.com/alerts/2004/Jan/1008867.html
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/14962

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp1:win32:*:*:*:*:*

EPSS

Процентиль: 9%

0.00034

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-293h-rg6q-5hxj

github

больше 3 лет назад