CVE-2007-2697 in BEA WebLogic Serverinfo

Summary

The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote attackers to more easily conduct brute-force attacks against the administrator password, or flood the server with login attempts and cause a denial of service.

Reservation

05/15/2007

Disclosure

05/15/2007

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
36818	BEA WebLogic Server denial of service	404	Proof-of-Concept	Not defined	CVE-2007-2697

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!