Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Jun 16, 2026
CVE-2005-4755
CVE-2005-4755
Description
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase (CustomTrustKeyStorePassPhrase) in cleartext in nodemanager.config; or, during domain creation with the Configuration Wizard, renders an SSL private key passphrase in cleartext (2) on a terminal or (3) in a log file, which might allow local users to obtain cryptographic keys.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*
- (no CPE)range: <=8.1 SP3
- Range: <=8.1 SP3
Patches
Vulnerability mechanics
References
4- dev2dev.bea.com/pub/advisory/145nvdPatchVendor Advisory
- dev2dev.bea.com/pub/advisory/150nvdPatchVendor Advisory
- secunia.com/advisories/17138nvdThird Party Advisory
- www.securityfocus.com/bid/15052nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.