Description
BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow remote attackers to cause a denial of service (network port consumption) via unknown actions in HTTPS sessions, which prevents the server from releasing the network port when the session ends.
References (6)
Core 6
Core References
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10544
Patch, Vendor Advisory vendor-advisory
x_refsource_bea
http://dev2dev.bea.com/pub/advisory/7
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11864
Patch vdb-entry
x_refsource_osvdb
http://www.osvdb.org/7076
Patch, Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1010492
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16419
Scores
EPSS
0.0112
EPSS Percentile
78.5%
Details
Status
published
Products (1)
bea/weblogic_server
8.1 (15 CPE variants)
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026