Lucene search
HistoryAug 18, 2005 - 4:00 a.m.
CVE-2004-2424
bea
weblogic server
weblogic express
denial of service
vulnerability
cve-2004-2424
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.7 Medium
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.5%
BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow remote attackers to cause a denial of service (network port consumption) via unknown actions in HTTPS sessions, which prevents the server from releasing the network port when the session ends.
Affected configurations
Node
beaweblogic_serverMatch8.1
ORbeaweblogic_serverMatch8.1express
ORbeaweblogic_serverMatch8.1win32
ORbeaweblogic_serverMatch8.1sp1
ORbeaweblogic_serverMatch8.1sp1express
ORbeaweblogic_serverMatch8.1sp1win32
ORbeaweblogic_serverMatch8.1sp2
ORbeaweblogic_serverMatch8.1sp2express
ORbeaweblogic_serverMatch8.1sp2win32
ORbeaweblogic_serverMatch8.1sp3
ORbeaweblogic_serverMatch8.1sp3express
ORbeaweblogic_serverMatch8.1sp3win32
ORbeaweblogic_serverMatch8.1sp4
ORbeaweblogic_serverMatch8.1sp4express
ORbeaweblogic_serverMatch8.1sp4win32
| CPE | Name | Operator | Version |
|---|---|---|---|
| bea:weblogic_server | bea weblogic server | eq | 8.1 |
Related
nvd
nvd
CVE-2004-2424
2004-12-31 05:00:00
cvelist
cvelist
CVE-2004-2424
2005-08-18 04:00:00
checkpoint_advisories
checkpoint_advisories
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.7 Medium
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.5%
Related for CVE-2004-2424