2005-03-10 05:00:00
mitre
PUBLISHED
BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges.