CVE-2003-1225

Low

2.1/10

Summary

The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in cleartext on disk, which allows local users to extract passwords.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Dec 31, 2003

CVE-2003-1225

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS