Weak JNDI trees protection, insufficient authorization for few weblogic.Admin methods, weak resource protection thorugh web.xml on case-insensitive filesystems, utilities passwords stored in cleartext, cleartext password leaked during reboot, technical information leak, logon with disabled accounts, important information sent in cleartext.