← volver
CVE-2006-2469

CVE-2006-2469

EPSS 1.3%
The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores the username and password in cleartext in the WebLogic Server log when access to a web application or protected JWS fails, which allows attackers to gain privileges.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://dev2dev.bea.com/pub/advisory/189http://secunia.com/advisories/20130http://securitytracker.com/id?1016098https://exchange.xforce.ibmcloud.com/vulnerabilities/26463http://www.vupen.com/english/advisories/2006/1828