{"id":12974,"date":"2021-05-06T09:41:35","date_gmt":"2021-05-06T09:41:35","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=12974"},"modified":"2026-04-17T18:07:46","modified_gmt":"2026-04-17T18:07:46","slug":"weblogic-multiple-severe-vulnerabilities-threat-alert","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/weblogic-multiple-severe-vulnerabilities-threat-alert\/","title":{"rendered":"WebLogic Multiple Severe Vulnerabilities Threat Alert"},"content":{"rendered":"<!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\">\n<html><body><h2 class=\"wp-block-heading\">Vulnerability Description<\/h2>\n\n\n\n<p>On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and easy to exploit and affect WebLogic. Users are advised to take measures without delay to protect against the preceding vulnerabilities.<\/p>\n\n\n\n<p>CVE-2021-2135: This vulnerability allows unauthenticated attackers to execute arbitrary code on the target server by sending maliciously crafted T3 or IIOP requests, with a CVSS Base Score of 9.8.<\/p>\n\n\n\n<p>CVE-2021-2136: This vulnerability allows unauthenticated attackers to execute arbitrary code on the target server by sending maliciously crafted IIOP requests, with a CVSS Base Score of 9.8.<\/p>\n\n\n\n<p>CVE-2021-2157: This vulnerability allows unauthenticated attackers to access critical data of the target server without authorization by sending malicious requests via HTTP, with a CVSS Base Score of 7.5.<\/p>\n\n\n\n<p>CVE-2021-2211: An XML external entity (XXE) vulnerability exists on the recalling chain of the readExternal method in weblogic.wsee.security.wssc.sct.SCCredential.class of Weblogic.jar. Unauthenticated attackers could exploit this vulnerability to remotely obtain sensitive information from the target server. Currently, vulnerability details have been made publicly available. Relevant users are advised to take protective measures as soon as possible.<\/p>\n\n\n\n<p>Reference link: <\/p>\n\n\n\n<p><a href=\"https:\/\/www.oracle.com\/security-alerts\/cpuapr2021.html\">https:\/\/www.oracle.com\/security-alerts\/cpuapr2021.html<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Scope of Impact<\/h2>\n\n\n\n<p><strong>Affected Versions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>WebLogic Server 10.3.6.0.0<\/li><li>WebLogic Server 12.1.3.0.0<\/li><li>WebLogic Server 12.2.1.3.0<\/li><li>WebLogic Server 12.2.1.4.0<\/li><li>WebLogic Server 14.1.1.0.0<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Check for the Vulnerability<\/h2>\n\n\n\n<p><strong>3.1 Local Check <\/strong><\/p>\n\n\n\n<p>Run the following commands to view the WebLogic version and installed patches.<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<div class=\"wp-block-group has-very-light-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>$ cd \/Oracle\/Middleware\/wlserver_10.3\/server\/lib<\/p>\n\n\n\n<p>$ java -cp weblogic.jar&Acirc;&nbsp;&Acirc;&nbsp;&Acirc;&nbsp; weblogic.version<\/p>\n<\/div><\/div>\n<\/div><\/div>\n<\/div><\/div>\n\n\n\n<p>The command output below shows that WebLogic has no patch installed and thus is at risk.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"560\" height=\"127\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/1.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-12977\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/1.jpg 560w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/1-300x68.jpg 300w\" sizes=\"(max-width: 560px) 100vw, 560px\" \/><\/figure>\n\n\n\n<p><strong>3.2 Detection via the T3 Protocol<\/strong><\/p>\n\n\n\n<p>Nmap provides a scanning script for the Weblogic T3 protocol and can detect the Weblogic host enabling T3 services. The command is as follows:<\/p>\n\n\n\n<p class=\"has-background has-very-light-gray-background-color\">nmap -n -v -Pn&Acirc;&nbsp;&Acirc;&nbsp;&Acirc;&nbsp; &acirc;&euro;&ldquo;sV [host or network segment address] -p7001,7002 &#8211;script=weblogic-t3-info.nse<\/p>\n\n\n\n<p>As shown in the red box in the following figure, when the target enables the T3 protocol and the current WebLogic version is affected, if official patches fail to be installed, the target is vulnerable.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/2.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-12979\" width=\"350\" height=\"352\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/2.jpg 466w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/2-298x300.jpg 298w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/2-150x150.jpg 150w\" sizes=\"(max-width: 350px) 100vw, 350px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Mitigation<\/h2>\n\n\n\n<p><strong>4.1 Patch Update<\/strong><\/p>\n\n\n\n<p>Oracle has released patches to fix these vulnerabilities. Affected users should visit the official security advisory link to download related patches as soon as possible and apply them as indicated in the readme file to ensure long-term effective protection.<\/p>\n\n\n\n<p>Note: Official patches of Oracle can be downloaded only by those with a licensed account of the software. Such users can use that account to log in to https:\/\/support.oracle.com to obtain the latest patches.<\/p>\n\n\n\n<p><strong>4.2 Workaround<\/strong><\/p>\n\n\n\n<p>If users cannot install patches for the time being, they can adopt the following mitigation measures:<\/p>\n\n\n\n<p><strong>4.2.1 Restricting Access to the T3 Protocol<\/strong><\/p>\n\n\n\n<p>Users can block attacks based on this vulnerability in the T3 protocol, by controlling T3 access. WebLogic Server provides a default connection filter named weblogic.security.net.ConnectionFilterImpl. This filter accepts all inbound connections. It is advisable to configure a rule through this filter to control T3 and T3S access. Detailed steps are as follows:<\/p>\n\n\n\n<p>Access the administration console of WebLogic Server. Click <strong>base_domain<\/strong> in the left pane and then click the <strong>Security<\/strong> and <strong>Filter<\/strong> tabs successively to open the filter configuration page.<\/p>\n\n\n\n<p>Type <strong>weblogic.security.net.ConnectionFilterImpl<\/strong> in the <strong>Connection Filter<\/strong> field and configure connection filter rules as required in the <strong>Connection Filter Rules<\/strong> field. Rule formats are as follows:<\/p>\n\n\n\n<div class=\"wp-block-group has-very-light-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>127.0.0.1 * * allow t3 t3s<\/p>\n\n\n\n<p>IP address of the host ** allow t3 t3s<\/p>\n\n\n\n<p>Allowed IP address* * allow t3 t3s * * * deny t3 t3s<\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-group has-very-light-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>Connection filter rules should be provided in the format of &#8220;target localAddress localPort action protocols&#8221;, where<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>target <\/strong>indicates one or more servers to be filtered.<\/li><li><strong>localAddress<\/strong> specifies the host address of the server. (An asterisk (*) indicates all local IP addresses.))<\/li><li><strong>localPort<\/strong> specifies the port that the server is listening on. (An asterisk (*) indicates all ports available on the server.)<\/li><li><strong>action<\/strong> specifies the action to be taken. (The value must be <strong>allow<\/strong> or <strong>deny<\/strong>.))<\/li><li><strong>protocols<\/strong> specifies the protocols to be filtered. (The value must be <strong>http<\/strong>, <strong>https<\/strong>, <strong>t3<\/strong>, <strong>t3s<\/strong>, <strong>giop<\/strong>, <strong>giops<\/strong>, <strong>dcom<\/strong>, and\/or <strong>ftp<\/strong>.) If no protocol is specified, all protocols will be filtered.<\/li><\/ul>\n<\/div><\/div>\n\n\n\n<p>Click <strong>Save<\/strong> to make the rules take effect. If rules do not take effect, you are advised to restart the WebLogic service. It should be noted that restarting the WebLogic service will cause the service interruption for a short while, and therefore you need to ask related personnel to evaluate the service impact before this operation. To restart the WebLogic service in the Windows environment, follow these steps:<\/p>\n\n\n\n<p>Navigate to the <strong>bin<\/strong> directory under the domain directory, and run the <strong>stopWebLogic.cmd<\/strong> file to terminate the WebLogic service in the Windows system, and run the <strong>stopWebLogic.sh<\/strong> file in the Linux system.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/5.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-12986\" width=\"283\" height=\"238\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/5.jpg 377w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/05\/5-300x252.jpg 300w\" sizes=\"(max-width: 283px) 100vw, 283px\" \/><\/figure>\n\n\n\n<p>After the execution of the termination script is completed, run the <strong>startWebLogic.cmd<\/strong> or <strong>startWebLogic.sh<\/strong> file to start Weblogic to complete the restart of the Weblogic service.<\/p>\n\n\n\n<p><strong>4.2.2 Disabling the IIOP Protocol<\/strong><\/p>\n\n\n\n<p>Users can block attacks that exploit vulnerabilities via the IIOP protocol by disabling the protocol. To disable the IIOP protocol, follow these steps:<\/p>\n\n\n\n<p>Access the administration console of WebLogic Server, choose <strong>Services &gt; AdminServer &gt; Protocol<\/strong>, deselect <strong>Enable IIOP<\/strong>, and restart the WebLogic Server to make the setting take effect.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Statement<\/h2>\n\n\n\n<p>This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete any information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">About NSFOCUS<\/h2>\n\n\n\n<p>NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company&#8217;s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.<\/p>\n\n\n\n<p>NSFOCUS works with Fortune Global 500 companies, including four of the world&#8217;s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA). A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.<\/p>\n<\/body><\/html>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Description On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and easy to exploit and affect WebLogic. Users are advised to take measures without delay to protect against the preceding vulnerabilities. CVE-2021-2135: This [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":10365,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[3,5],"tags":[742],"class_list":["post-12974","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-ddos-mitigation","tag-weblogic"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>WebLogic Multiple Severe Vulnerabilities Threat Alert - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WebLogic Multiple Severe Vulnerabilities Threat Alert - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Vulnerability Description On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-06T09:41:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T18:07:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/04\/oracle-weblogic.jpg\" \/>\n<meta name=\"author\" content=\"Jie Ji\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"WebLogic Multiple Severe Vulnerabilities Threat Alert - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Vulnerability Description On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/04\/oracle-weblogic.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jie Ji\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/\"},\"author\":{\"name\":\"Jie Ji\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/1077d8fcd7e52c96f17a33b63a0d157b\"},\"headline\":\"WebLogic Multiple Severe Vulnerabilities Threat Alert\",\"datePublished\":\"2021-05-06T09:41:35+00:00\",\"dateModified\":\"2026-04-17T18:07:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/\"},\"wordCount\":1121,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/oracle-weblogic.jpg\",\"keywords\":[\"WebLogic\"],\"articleSection\":[\"Blog\",\"DDoS Mitigation\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/\",\"name\":\"WebLogic Multiple Severe Vulnerabilities Threat Alert - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/oracle-weblogic.jpg\",\"datePublished\":\"2021-05-06T09:41:35+00:00\",\"dateModified\":\"2026-04-17T18:07:46+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/oracle-weblogic.jpg\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/oracle-weblogic.jpg\",\"width\":544,\"height\":285,\"caption\":\"Oracle WebLogic Server logo.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-severe-vulnerabilities-threat-alert\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WebLogic Multiple Severe Vulnerabilities Threat Alert\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/1077d8fcd7e52c96f17a33b63a0d157b\",\"name\":\"Jie Ji\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"caption\":\"Jie Ji\"},\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/jji\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WebLogic Multiple Severe Vulnerabilities Threat Alert - NSFOCUS","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/","og_locale":"pt_BR","og_type":"article","og_title":"WebLogic Multiple Severe Vulnerabilities Threat Alert - NSFOCUS","og_description":"Vulnerability Description On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400","og_url":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/","og_site_name":"NSFOCUS","article_published_time":"2021-05-06T09:41:35+00:00","article_modified_time":"2026-04-17T18:07:46+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/04\/oracle-weblogic.jpg","type":"","width":"","height":""}],"author":"Jie Ji","twitter_card":"summary_large_image","twitter_title":"WebLogic Multiple Severe Vulnerabilities Threat Alert - NSFOCUS","twitter_description":"Vulnerability Description On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/04\/oracle-weblogic.jpg","twitter_misc":{"Escrito por":"Jie Ji","Est. tempo de leitura":"6 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/"},"author":{"name":"Jie Ji","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/1077d8fcd7e52c96f17a33b63a0d157b"},"headline":"WebLogic Multiple Severe Vulnerabilities Threat Alert","datePublished":"2021-05-06T09:41:35+00:00","dateModified":"2026-04-17T18:07:46+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/"},"wordCount":1121,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/04\/oracle-weblogic.jpg","keywords":["WebLogic"],"articleSection":["Blog","DDoS Mitigation"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/","url":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/","name":"WebLogic Multiple Severe Vulnerabilities Threat Alert - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/04\/oracle-weblogic.jpg","datePublished":"2021-05-06T09:41:35+00:00","dateModified":"2026-04-17T18:07:46+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/04\/oracle-weblogic.jpg","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/04\/oracle-weblogic.jpg","width":544,"height":285,"caption":"Oracle WebLogic Server logo."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-severe-vulnerabilities-threat-alert\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"WebLogic Multiple Severe Vulnerabilities Threat Alert"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/#website","url":"https:\/\/nsfocusglobal.com\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/1077d8fcd7e52c96f17a33b63a0d157b","name":"Jie Ji","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","caption":"Jie Ji"},"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/jji\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/12974","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=12974"}],"version-history":[{"count":1,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/12974\/revisions"}],"predecessor-version":[{"id":32678,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/12974\/revisions\/32678"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/10365"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=12974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=12974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=12974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}