Security Advisory

CVE-2006-2469

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-05-19 10:00:00

Last updated 2024-08-07 17:51:04

Assigner mitre

State PUBLISHED

Description

The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores the username and password in cleartext in the WebLogic Server log when access to a web application or protected JWS fails, which allows attackers to gain privileges.

← Browse all CVEs View on cve.org ↗