Authentication Failure Information Disclosure Vulnerability in BEA WebLogic Server

Authentication Failure Information Disclosure Vulnerability in BEA WebLogic Server

CVE-2005-0432 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks.

Learn more about our Web App Pen Testing.