CVE Vulnerabilities

CVE-2004-2321

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.

Affected Software

Name Vendor Start Version End Version
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 8.1 8.1

References