VYPR
Unrated severityNVD Advisory· Published Jan 25, 2006· Updated Jun 16, 2026

CVE-2006-0423

CVE-2006-0423

Description

BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS Authentication provider in cleartext in the config.xml file, which allows attackers to gain privileges.

Affected products

5
  • cpe:2.3:a:oracle:weblogic_portal:8.1:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:oracle:weblogic_portal:8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:weblogic_portal:8.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:oracle:weblogic_portal:8.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:oracle:weblogic_portal:8.1:sp3:*:*:*:*:*:*
  • Range: >=8.1, <=8.1 SP3

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.