← voltar
CVE-2006-2469

CVE-2006-2469

EPSS 1.3%
The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores the username and password in cleartext in the WebLogic Server log when access to a web application or protected JWS fails, which allows attackers to gain privileges.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://dev2dev.bea.com/pub/advisory/189http://secunia.com/advisories/20130http://securitytracker.com/id?1016098https://exchange.xforce.ibmcloud.com/vulnerabilities/26463http://www.vupen.com/english/advisories/2006/1828