CVE-2006-2464

Medium

4.6/10

Summary

stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6 displays the administrator password to stdout when executed, which allows local users to obtain the password by viewing a local display.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published May 19, 2006

CVE-2006-2464

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS