exploitDog

CVE-2005-0432

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks.

Ссылки

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA05-74.00.jsp
Patch
Vendor Advisory
http://secunia.com/advisories/14298
Patch
Vendor Advisory
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA05-74.00.jsp
Patch
Vendor Advisory
http://secunia.com/advisories/14298
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*

cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00261

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wrx5-4m94-5mpw

github

почти 4 года назад

BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks.

EPSS

Процентиль: 49%

0.00261

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other