Privilege Escalation Vulnerability in BEA WebLogic Server and Express

Privilege Escalation Vulnerability in BEA WebLogic Server and Express

CVE-2003-0640 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges.

Learn more about our Web App Pen Testing.