QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2003-1222

Back to search

CVE-2003-1222

Published: Aug 16, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a foreign Java Message Service (JMS) provider, echoes the password for the foreign provider to the console and stores it in cleartext in config.xml, which could allow attackers to obtain the password.

VendorProductVersions

n/a

n/a

affected
n/a

References

9034
vdb-entry
x_refsource_BID
BEA03-41.00
vendor-advisory
x_refsource_BEA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2003-1222 - Security Vulnerability | QwikSec