Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA WebLogic不正确操作员权限密码泄露漏洞
Vulnerability Description
BEA Systems WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。 BEA Systems WebLogic存在一个安全问题,允许服务器操作员查看敏感信息。 如果攻击者是操作员组成员,就可以访问MBean属性中的敏感信息,如erStartMBean.Password和the NodeManagerMBean.CertificatePassword.密码信息。一旦获得这些密码,就可能获得服务器的全部权限。
CVSS Information
N/A
Vulnerability Type
N/A