Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2546

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2546
Last Modified 07 Mar 2011 09:36:28
Published 23 May 2006 06:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2546

Summary

A recommended admin password reset mechanism for BEA WebLogic Server 8.1, when followed before October 10, 2005, causes the administrator password to be stored in cleartext in the domain directory, which could allow attackers to gain privileges.

Vulnerable Systems

Application

  • Bea Weblogic Server 8.1


References

BEA - BEA06-131.00

XF - weblogic-admin-password-cleartext(26460)

VUPEN - ADV-2006-1828

SECTRACK - 1016101

SECUNIA - 20130


Last Updated: 27 May 2016 10:42:40