Local Privilege Escalation: Administrator Password Disclosure in BEA WebLogic Server and Express 8.1 SP1 and earlier
CVE-2004-2321 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.
Learn more about our Web App Pen Testing.