Weblogic Server CVE-2007-2700 Information Disclosure Vulnerability

Weblogic Server CVE-2007-2700 Information Disclosure Vulnerability

Weblogic Server is prone to a information disclosure vulnerability. The WLST script generated by the configToScript command in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not encrypt certain attributes in configuration files when creating a new domain, which allows remote authenticated users to obtain sensitive information.