BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks.
Software | From | Fixed in |
---|---|---|
bea / weblogic_server | 7.0-sp5 | 7.0-sp5.x |
bea / weblogic_server | 8.1-sp3 | 8.1-sp3.x |