CVE-2004-0652

BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allows attackers to obtain the username and password for booting the server by directly accessing certain internal methods.

Affected Software

Name	Vendor	Start Version	End Version
Weblogic_server	Bea	7.0 (including)	7.0 (including)
Weblogic_server	Bea	7.0-sp1 (including)	7.0-sp1 (including)
Weblogic_server	Bea	7.0-sp2 (including)	7.0-sp2 (including)
Weblogic_server	Bea	7.0-sp3 (including)	7.0-sp3 (including)
Weblogic_server	Bea	7.0-sp4 (including)	7.0-sp4 (including)
Weblogic_server	Bea	7.0.0.1 (including)	7.0.0.1 (including)
Weblogic_server	Bea	7.0.0.1-sp1 (including)	7.0.0.1-sp1 (including)
Weblogic_server	Bea	7.0.0.1-sp2 (including)	7.0.0.1-sp2 (including)
Weblogic_server	Bea	7.0.0.1-sp3 (including)	7.0.0.1-sp3 (including)
Weblogic_server	Bea	7.0.0.1-sp4 (including)	7.0.0.1-sp4 (including)
Weblogic_server	Bea	8.1 (including)	8.1 (including)
Weblogic_server	Bea	8.1-sp1 (including)	8.1-sp1 (including)
Weblogic_server	Bea	8.1-sp2 (including)	8.1-sp2 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0652
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References