Intrusion PreventionOracle.WebLogic.Server.SSL.Handling.DoS
Description
This indicates an attack attempt against a denial-of-service vulnerability in Oracle BEA System's WebLogic products.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted SSL connection. It allows a remote attacker to cause a denial of service (network port comsumption).
Affected Products
BEA WebLogic Server for Win32 8.1 SP 4
BEA WebLogic Server for Win32 8.1 SP 3
BEA WebLogic Server for Win32 8.1 SP 2
BEA WebLogic Server for Win32 8.1 SP 1
BEA WebLogic Server for Win32 8.1
BEA Weblogic Server 8.1 SP 4
BEA Weblogic Server 8.1 SP 3
BEA Weblogic Server 8.1 SP 2
BEA Weblogic Server 8.1 SP 1
BEA Weblogic Server 8.1
BEA WebLogic Express for Win32 8.1 SP 4
BEA WebLogic Express for Win32 8.1 SP 3
BEA WebLogic Express for Win32 8.1 SP 2
BEA WebLogic Express for Win32 8.1 SP 1
BEA WebLogic Express for Win32 8.1
BEA WebLogic Express 8.1 SP 4
BEA WebLogic Express 8.1 SP 3
BEA WebLogic Express 8.1 SP 2
BEA WebLogic Express 8.1 SP 1
BEA WebLogic Express 8.1
Impact
Denial of service
Recommended Actions
Update to the latest versions:
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-22 | 16.984 | Name:Oracle. BEA. WebLogic. Server. SSL. DoS:Oracle. WebLogic. Server. SSL. Handling. DoS |
| ID | 14728 |
| Created | Jul 23, 2009 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2004-2424 |
| Exploit Prediction Score | 2.21% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Oracle |