Back to search
CVE-2005-4755
Published: Apr 1, 2006
Modified: Sep 16, 2024
PUBLISHED
Description
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase (CustomTrustKeyStorePassPhrase) in cleartext in nodemanager.config; or, during domain creation with the Configuration Wizard, renders an SSL private key passphrase in cleartext (2) on a terminal or (3) in a log file, which might allow local users to obtain cryptographic keys.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
BEA05-91.00
vendor-advisory
x_refsource_BEA
BEA05-96.00
vendor-advisory
x_refsource_BEA
15052
vdb-entry
x_refsource_BID
17138
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now