Vulnerabilities > CVE-2005-4767 - Multiple vulnerability in BEA Weblogic Server 7.0/8.1
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 SP6 and earlier, when using username/password authentication, does not lock out a username after the maximum number of invalid login attempts, which makes it easier for remote attackers to guess the password.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 39 |