Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote attackers to more easily conduct brute-force attacks against the administrator password, or flood the server with login attempts and cause a denial of service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
embedded embedded LDAP server in BEA WebLogic Express and WebLogic Server 拒绝服务攻击漏洞
Vulnerability Description
当处于特定配置的情况下,BEA WebLogic Express and WebLogic Server 中内嵌的LDAP服务器,没有限制或审计失败的验证尝试,这使得远程攻击者可以更易于对管理员密码执行暴力破解攻击或者借助登陆尝试淹没服务器并引起拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A