VYPR
Unrated severityNVD Advisory· Published Jan 23, 2007· Updated Jun 16, 2026

CVE-2007-0413

CVE-2007-0413

Description

BEA WebLogic Server 8.1 through 8.1 SP5 stores cleartext data in a backup of config.xml after offline editing, which allows local users to obtain sensitive information by reading this backup file.

Affected products

3
  • cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_server:*:sp5:*:*:*:*:*:*range: <=8.1
    • (no CPE)range: 8.1 to 8.1 SP5

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.