CVE-2003-1224

Low

2.1/10

Summary

Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing ("shoulder surfing") the screen.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Dec 31, 2003

CVE-2003-1224

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS