Cleartext Password Storage Vulnerability in BEA WebLogic Server and Express 7.0 and 7.0.0.1

Cleartext Password Storage Vulnerability in BEA WebLogic Server and Express 7.0 and 7.0.0.1

CVE-2003-1225 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in cleartext on disk, which allows local users to extract passwords.

Learn more about our Web App Pen Testing.