PT-2005-5427 · Bea · Bea Weblogic Server+1

Published 2005-12-31 · Updated 2008-09-05 · CVE-2005-4764

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

BEA WebLogic Server and WebLogic Express versions 7.0, 8.1, 9.0

Description

The issue allows remote attackers who know or guess the admin account name to cause a denial of service by blocking admin logins, as the server locks out the admin user account after multiple incorrect password guesses.

Recommendations

For versions 7.0, 8.1, 9.0, consider implementing a workaround to limit the number of incorrect login attempts or temporarily restrict access to the admin login functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2005-4764

Affected Products

Bea Weblogic Server
Weblogic Express