CVE-2003-1437

Published Dec 31, 2003
Last updated 6 years ago
CVSS info 2.1
Overview

Description: BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: NVD-CWE-Other
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647"
          },
          {
            "criteria": "cpe:2.3:o:hp:hp-ux:11.11i:v1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8E98B8A6-A071-4BEA-BB39-C64A42816D8A"
          },
          {
            "criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B"
          },
          {
            "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759"
          },
          {
            "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBDF3AC0-0680-4EEE-898C-47D194667BE2"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBDB9094-78E8-4CBF-9F5F-321D5174F1EC"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:express:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25C711BB-E7E0-41D8-985E-5DD386C54637"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:express:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "071FAD20-D502-4634-852A-4CD06FE8E114"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647"
          },
          {
            "criteria": "cpe:2.3:o:hp:hp-ux:11.11i:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C10245E1-C95C-4219-92C9-888E5966ABF7"
          },
          {
            "criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B"
          },
          {
            "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759"
          },
          {
            "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9C5AFCF-79D8-4005-B800-B0C6BD461276"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6828CE4B-91E8-4688-977F-DC7BC21131C8"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74AE35FF-AC1C-435B-8CE9-F40AFFFA3A46"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32E8797D-1B62-4480-A79D-0345E65699E8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9C5AFCF-79D8-4005-B800-B0C6BD461276"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6828CE4B-91E8-4688-977F-DC7BC21131C8"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74AE35FF-AC1C-435B-8CE9-F40AFFFA3A46"
          },
          {
            "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32E8797D-1B62-4480-A79D-0345E65699E8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
