CVE-2004-2424

Name of the Vulnerable Software and Affected Versions: BEA WebLogic Server and WebLogic Express versions 8.1 through 8.1 SP2

Description: The issue allows remote attackers to cause a denial of service by consuming network ports via unknown actions in HTTPS sessions. This prevents the server from releasing the network port when the session ends.

Recommendations: For versions 8.1 through 8.1 SP2, consider restricting access to HTTPS sessions or implementing measures to limit network port consumption until a fix is available.