CVE Vulnerabilities

CVE-2003-0640

Published: Aug 27, 2003 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges.

Affected Software

Name Vendor Start Version End Version
Weblogic_server Bea * *
Weblogic_server Bea * *

References