CVE-2006-2546

Sažetak

A recommended admin password reset mechanism for BEA WebLogic Server 8.1, when followed before October 10, 2005, causes the administrator password to be stored in cleartext in the domain directory, which could allow attackers to gain privileges.

Reference

http://dev2dev.bea.com/pub/advisory/193
http://secunia.com/advisories/20130
http://securitytracker.com/id?1016101
http://www.vupen.com/english/advisories/2006/1828
https://exchange.xforce.ibmcloud.com/vulnerabilities/26460

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:31

Objavljeno

23-05-2006 - 10:06