Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1222


Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1222
Last Modified 10 Sep 2008 03:22:39
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a foreign Java Message Service (JMS) provider, echoes the password for the foreign provider to the console and stores it in cleartext in config.xml, which could allow attackers to obtain the password.

Vulnerable Systems


  • Bea Weblogic Server 8.1


BID - 9034

BEA - BEA03-41.00

Last Updated: 27 May 2016 10:38:17