CVE-2003-1224

CVE-2003-1224 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing ("shoulder surfing") the screen.

Learn more about our Cis Benchmark Audit For Server Software.