Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows malicious users to read a user's password by physically observing ("shoulder surfing") the screen.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bea weblogic server 7.0 |
||
bea weblogic server 7.0.0.1 |