CVE-2004-2321

Publication date

2005-08-16 04:00:00

Family

mitre

State

PUBLISHED

Description

BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.