Unrated severityNVD Advisory· Published Oct 18, 2007· Updated Jun 16, 2026
CVE-2007-5576
CVE-2007-5576
Description
BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls commands.
Affected products
58cpe:2.3:a:bea:weblogic_integration:8.1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:bea:weblogic_integration:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_integration:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_integration:8.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_integration:8.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_integration:8.1:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_integration:8.1:sp6:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_integration:9.2:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:5.1:*:enterprise:*:*:*:*:*+ 40 more
- cpe:2.3:a:bea:weblogic_server:5.1:*:enterprise:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp1:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp2:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp3:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp4:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp5:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp6:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:sp7:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp5:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp6:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp7:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp7:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp4:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp5:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.1:*:express:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.2:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:9.2:*:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_workshop:8.1:sp2:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp6:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_portal:9.2:*:*:*:*:*:*:*
- Range: <5.1 RP174
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.