CVE-2006-2469
CVE-2006-2469 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores the username and password in cleartext in the WebLogic Server log when access to a web application or protected JWS fails, which allows attackers to gain privileges.
Learn more about our Web App Pen Testing.