[原文]BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow remote attackers to obtain sensitive information (intranet IP addresses) via unknown attack vectors involving "network address translation."
BEA WebLogic contains a flaw that may lead to an unauthorized information disclosure. The problem is that internal IP addresses of machines behind a firewall can be disclosed by a remote attacker via NAT resulting in a loss of confidentiality.
Upgrade to version 8.1 Service Pack 4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.