CVE-2007-2700

The WLST script generated by the configToScript command in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not encrypt certain attributes in configuration files when creating a new domain, which allows remote authenticated users to obtain sensitive information.
Configurations

Configuration 1

cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:9.0:*:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:9.1:*:express:*:*:*:*:*

Information

Published : 2007-05-16 01:19

Updated : 2017-07-29 01:31


NVD link : CVE-2007-2700

Mitre link : CVE-2007-2700

Products Affected
No products.