CVE-2006-2546

Опубликовано: 23 мая 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

A recommended admin password reset mechanism for BEA WebLogic Server 8.1, when followed before October 10, 2005, causes the administrator password to be stored in cleartext in the domain directory, which could allow attackers to gain privileges.

Ссылки

http://dev2dev.bea.com/pub/advisory/193
Patch
Vendor Advisory
http://secunia.com/advisories/20130
Vendor Advisory
http://securitytracker.com/id?1016101
http://www.vupen.com/english/advisories/2006/1828
https://exchange.xforce.ibmcloud.com/vulnerabilities/26460
http://dev2dev.bea.com/pub/advisory/193
Patch
Vendor Advisory
http://secunia.com/advisories/20130
Vendor Advisory
http://securitytracker.com/id?1016101
http://www.vupen.com/english/advisories/2006/1828
https://exchange.xforce.ibmcloud.com/vulnerabilities/26460

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00371

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-c83r-mv7q-x25g

github

почти 4 года назад