Unrated severityNVD Advisory· Published May 19, 2006· Updated Jun 16, 2026

CVE-2006-2464

Description

stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6 displays the administrator password to stdout when executed, which allows local users to obtain the password by viewing a local display.

Affected products

Bea/WebLogic Server11 versions
cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
- (no CPE)range: 8.1 < Service Pack 4, 7.0 < Service Pack 6

Patches

Vulnerability mechanics

References

dev2dev.bea.com/pub/advisory/181nvdPatchVendor Advisory
secunia.com/advisories/20130nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
www.vupen.com/english/advisories/2006/1828nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26467nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000