CVE-2005-4761

Опубликовано: 31 дек. 2005

Источник: nvd

CVSS2: 1.2

EPSS Низкий

Описание

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier log the Java command line at server startup, which might include sensitive information (passwords or keyphrases) in the server log file when the -D option is used.

Ссылки

http://dev2dev.bea.com/pub/advisory/152
Patch
Vendor Advisory
http://secunia.com/advisories/17138
Patch
Vendor Advisory
http://www.securityfocus.com/bid/15052
Patch
http://dev2dev.bea.com/pub/advisory/152
Patch
Vendor Advisory
http://secunia.com/advisories/17138
Patch
Vendor Advisory
http://www.securityfocus.com/bid/15052
Patch

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:*:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:*:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp1:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp1:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp1:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp2:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp2:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp2:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp3:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp3:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp3:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp4:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp4:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp4:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp5:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp5:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp5:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp6:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp6:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp6:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp7:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:6.1:sp7:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:*:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp1:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp2:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp3:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp4:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp5:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:7.0:sp5:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:*:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:*:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp1:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp2:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp3:win32:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp4:express:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp4:win32:*:*:*:*:*

EPSS

Процентиль: 30%

0.0011

Низкий

1.2 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pxc2-7c94-q8j2

github

почти 4 года назад