CVSS: 4.6 | EPSS: 0% | CPEs: 7 | EXPL: 0

BEA WebLogic Server 6.1, 7.0 and 7.0.0.1, when routing messages to a JMS target domain that is inaccessible, may leak the user's password when it throws a ResourceAllocationException.

• http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-24.jsp
• http://www.kb.cert.org/vuls/id/331937
• http://www.securityfocus.com/bid/6586
• https://exchange.xforce.ibmcloud.com/vulnerabilities/11057

CVSS: 5.0 | EPSS: 0% | CPEs: 42 | EXPL: 0

BEA WebLogic Server proxy plugin for BEA WebLogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (proxy plugin crash) via a malformed URL.

• http://dev2dev.bea.com/pub/advisory/25
• http://www.securityfocus.com/bid/9034

CVSS: 2.1 | EPSS: 0% | CPEs: 34 | EXPL: 0

BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1 store passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.

• http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp
• http://www.securityfocus.com/bid/6719
• https://exchange.xforce.ibmcloud.com/vulnerabilities/11220

CVSS: 7.2 | EPSS: 0% | CPEs: 3 | EXPL: 0

BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges.

• http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-35.jsp
• http://www.kb.cert.org/vuls/id/999788
• http://www.securityfocus.com/bid/8320
• https://exchange.xforce.ibmcloud.com/vulnerabilities/12799

CVSS: 2.1 | EPSS: 0% | CPEs: 19 | EXPL: 0

The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in cleartext on disk, which allows local users to extract passwords.

• http://dev2dev.bea.com/pub/advisory/22
• http://www.securityfocus.com/bid/7563