Vulnerability Name:
CVE-2008-0901 (CCN-40695)
Assigned:
2008-02-19
Published:
2008-02-19
Updated:
2018-10-15
Summary:
BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.
CVSS v3 Severity:
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
None
Availability (A):
None
CVSS v2 Severity:
7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
None
Availability (A):
None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
None
Availability (A):
None
Vulnerability Type:
CWE-255
CWE-200
Vulnerability Consequences:
Bypass Security
References:
Source: MITRE
Type: CNA
CVE-2008-0901
Source: BEA
Type: Patch
BEA08-197.00
Source: CCN
Type: SA29041
BEA WebLogic Products Multiple Vulnerabilities
Source: SECUNIA
Type: UNKNOWN
29041
Source: CCN
Type: SECTRACK ID: 1019449
WebLogic Lets Remote Users Bypass the Account Lockout Feature
Source: CCN
Type: OSVDB ID: 41900
BEA WebLogic Account Lockout Bypass Brute Force Weakness
Source: MISC
Type: UNKNOWN
http://www.s21sec.com/avisos/s21sec-040-en.txt
Source: BUGTRAQ
Type: UNKNOWN
20080225 S21SEC-040-en: Infinite invalid authentication attempts possible in BEA WebLogic Server
Source: CCN
Type: BID-27874
SWORD Remote Arbitrary Command Execution Vulnerability
Source: CCN
Type: BID-27893
BEA Systems Multiple Products BEA08-183.00 to BEA08-200.00 Multiple Vulnerabilities
Source: SECTRACK
Type: UNKNOWN
1019449
Source: VUPEN
Type: UNKNOWN
ADV-2008-0612
Source: XF
Type: UNKNOWN
bea-weblogic-accountlockout-security-bypass(40695)
Source: CCN
Type: BEA08-197.00
Account lockout can be bypassed, exposing the account to a brute-force password attack
Vulnerable Configuration:
Configuration 1:
cpe:/a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:7.0:sp7:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:8.1:sp6:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:9.2:*:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:9.2:mp1:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:9.2:mp2:*:*:*:*:*:*
OR
cpe:/a:bea:weblogic_server:10.0:*:*:*:*:*:*:*
OR
cpe:/a:bea_systems:weblogic_server:10.0_mp1:*:*:*:*:*:*:*
Configuration CCN 1:
cpe:/a:oracle:weblogic_server:9.0:*:*:*:*:*:*:*
OR
cpe:/a:oracle:weblogic_server:9.1:*:*:*:*:*:*:*
Vulnerable Components (vendor, product):
bea weblogic server 7.0
bea weblogic server 7.0 sp1
bea weblogic server 7.0 sp2
bea weblogic server 7.0 sp3
bea weblogic server 7.0 sp4
bea weblogic server 7.0 sp5
bea weblogic server 7.0 sp6
bea weblogic server 7.0 sp7
bea weblogic server 8.1
bea weblogic server 8.1 sp1
bea weblogic server 8.1 sp2
bea weblogic server 8.1 sp3
bea weblogic server 8.1 sp4
bea weblogic server 8.1 sp5
bea weblogic server 8.1 sp6
bea weblogic server 9.0
bea weblogic server 9.1
bea weblogic server 9.2
bea weblogic server 9.2 mp1
bea weblogic server 9.2 mp2
bea weblogic server 10.0
bea_systems weblogic server 10.0_mp1
oracle weblogic server 9.0
oracle weblogic server 9.1