CVE-2007-5576
Last modified
CVE-2007-5576 is a vulnerability of currently unknown severity. BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls commands.. EPSS estimates a 1.00% chance of exploitation in the next 30 days.
Description
BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls commands.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Bea | Tuxedo | 8.0 | — |
| Bea | Tuxedo | 8.1 | — |
| Bea | Weblogic Integration | 8.1 | — |
| Bea | Weblogic Integration | 9.2 | — |
| Bea | Weblogic Server | 5.1 | — |
| Bea | Weblogic Server | 6.1 | — |
| Bea | Weblogic Server | 7.0 | — |
| Bea | Weblogic Server | 7.0.0.1 | — |
| Bea | Weblogic Server | 8.1 | — |
| Bea | Weblogic Server | 9.0 | — |
| Bea | Weblogic Server | 9.1 | — |
| Bea | Weblogic Server | 9.2 | — |
| Bea | Weblogic Workshop | 8.1 | Sp2 |
| Oracle | Weblogic Portal | 9.2 | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-5576?
How severe is CVE-2007-5576?
How do I fix CVE-2007-5576?
Are you affected by CVE-2007-5576?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST