← CVECheck
HomeVulnerabilities

CVE-2003-1226 — LOW severity vulnerability (BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certa)

BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords.

CVE IDCVE-2003-1226
SeverityLOW
CVSS score2.1
CVSS vectorAV:L/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2003-12-31
Last modified2026-04-16
DescriptionBEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →