CVE-2003-1447

Name of the Vulnerable Software and Affected Versions IBM WebSphere Advanced Server Edition version 4.0.4

Description The issue concerns the use of a weak encryption algorithm, specifically XOR and base64 encoding, which allows local users to decrypt passwords when the configuration file is exported to XML.

Recommendations For IBM WebSphere Advanced Server Edition version 4.0.4, consider updating the encryption algorithm to a more secure method to prevent password decryption. As a temporary workaround, restrict access to the configuration file to minimize the risk of exploitation.