Weak Permissions in WebLog Expert Web Server Enterprise 9.4 Allow Local Users to Set Cleartext Password and Login as Admin
CVE-2018-7581 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.
Learn more about our Web App Pen Testing.