Vulnerability CVE-2005-4764 - CERT Civis.Net

Vulnerability Name:

CVE-2005-4764 (CCN-22591)

Assigned:

2005-10-11

Published:

2005-10-11

Updated:

2008-09-05

Summary:

BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out the admin user account after multiple incorrect password guesses, which allows remote attackers who know or guess the admin account name to cause a denial of service (blocked admin logins).

CVSS v3 Severity:

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2005-4764

Source: BEA
Type: Patch, Vendor Advisory
BEA05-101.00

Source: CCN
Type: BEA Systems Inc. Web site
BEA Product Documentation

Source: CCN
Type: SA17138
BEA WebLogic 24 Vulnerabilities and Security Issues

Source: SECUNIA
Type: Vendor Advisory
17138

Source: CCN
Type: OSVDB ID: 20108
BEA WebLogic Failed Login Administrator Account Lockout DoS

Source: BID
Type: Patch
15052

Source: CCN
Type: BID-15052
BEA WebLogic Server and WebLogic Express Multiple Vulnerabilities

Source: XF
Type: UNKNOWN
weblogic-user-lockout(22591)

Source: CCN
Type: BEA Systems Security Advisory: (BEA05-101.00)
The documentation has been updated to recommend multiple administrator accounts.

Vulnerable Configuration:

Configuration 1:

cpe:/a:bea:weblogic_server:6.1:*:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:*:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:*:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp1:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp1:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp1:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp2:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp2:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp2:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp3:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp3:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp3:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp4:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp4:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp4:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp5:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp5:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp5:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp6:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp6:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp7:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp7:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp8:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp8:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:6.1:sp8:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:*:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:*:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:*:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp1:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp2:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp3:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp4:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp5:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp5:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp6:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp6:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp7:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp7:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:7.0:sp7:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:*:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:*:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:*:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp1:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp2:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp3:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp4:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp4:win32:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp5:express:*:*:*:*:*

OR cpe:/a:bea:weblogic_server:8.1:sp5:win32:*:*:*:*:*

Denotes that component is vulnerable