Vulnerability in Bea Weblogic_server
CVE-2005-1745
The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack 3 prints the password to standard output when an incorrect login attempt is made, which could make it easier for attackers to guess the correct password.
EPSS: 0.006 (43.6th percentile) — read the EPSS interpretation.
Affected products
- Bea Weblogic_server — versions 6.0, 6.1, 7.0
- Oracle Weblogic_portal — versions 8.0
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vendor-advisory, x_refsource_BEA, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)