{"id":17959,"date":"2021-08-10T03:38:01","date_gmt":"2021-08-10T03:38:01","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=17959"},"modified":"2026-04-17T18:07:45","modified_gmt":"2026-04-17T18:07:45","slug":"weblogic-multiple-high-risk-vulnerabilities-threat-alert","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/","title":{"rendered":"WebLogic Multiple High-Risk Vulnerabilities Threat Alert"},"content":{"rendered":"<!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\">\n<html><body><h2 class=\"wp-block-heading\">Overview<\/h2>\n\n\n\n<p>On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying risk levels. Among these vulnerabilities, three severe ones are easy to exploit to affect WebLogic. Users are advised to take measures without delay to protect against the preceding vulnerabilities.<\/p>\n\n\n\n<p>CVE-2021-2382\/CVE-2021-2394\/CVE-2021-2397: These vulnerabilities allow unauthenticated attackers to execute arbitrary code on the target server by sending maliciously crafted T3 or IIOP requests. The vulnerabilities are assigned a CVSS Base Score of 9.8.<\/p>\n\n\n\n<p>CVE-2021-2376\/CVE-2021-2378: These vulnerabilities allow unauthenticated attackers to cause the target server to hang or crash by sending maliciously crafted T3 or IIOP requests. The vulnerabilities are assigned a CVSS Base Score of 7.5.<\/p>\n\n\n\n<p>CVE-2015-0254: This vulnerability exists in Apache Standard Taglibs. When using the &lt;x:parse&gt; or &lt;x:transform&gt; tag to handle untrusted XML documents, Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in the &lt;x:parse&gt; or &lt;x:transform&gt; tag. This vulnerability has a CVSS Base Score of 7.3.<\/p>\n\n\n\n<p>CVE-2021-2403: This vulnerability allows unauthenticated attackers to access certain data on the target server without authorization by sending malicious requests via HTTP. This vulnerability has a CVSS Base Score of 5.3.<\/p>\n\n\n\n<p>Reference link: <\/p>\n\n\n\n<p><a href=\"https:\/\/www.oracle.com\/security-alerts\/cpujul2021.html#AppendixFMW\">https:\/\/www.oracle.com\/security-alerts\/cpujul2021.html#AppendixFMW<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Scope of Impact<\/h2>\n\n\n\n<p><strong>Affected Versions<\/strong><\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<ul class=\"wp-block-list\"><li>WebLogic Server 10.3.6.0.0<\/li><li>WebLogic Server 12.1.3.0.0<\/li><li>WebLogic Server 12.2.1.3.0<\/li><li>WebLogic Server 12.2.1.4.0<\/li><li>WebLogic Server 14.1.1.0.0<\/li><\/ul>\n<\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Check for the Vulnerability<\/h2>\n\n\n\n<p><strong>1. Local Check<\/strong><\/p>\n\n\n\n<p>Run the following commands to view the WebLogic version and installed patches:<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<div class=\"wp-block-group has-very-light-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>$ cd \/Oracle\/Middleware\/wlserver_10.3\/server\/lib <\/p>\n\n\n\n<p>$ java -cp weblogic.jar &Acirc;&nbsp; weblogic.version<\/p>\n<\/div><\/div>\n<\/div><\/div>\n\n\n\n<p>The command output below shows that WebLogic has no patch installed and thus is at risk.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"567\" height=\"127\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/1.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-17960\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/1.jpg 567w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/1-300x67.jpg 300w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/1-200x45.jpg 200w\" sizes=\"(max-width: 567px) 100vw, 567px\" \/><\/figure>\n\n\n\n<p><strong>2. Detection via the T3 Protocol<\/strong><\/p>\n\n\n\n<p>Nmap provides a scanning script for the WebLogic T3 protocol and can detect the WebLogic host with the T3 service enabled. The command is as follows:<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<div class=\"wp-block-group has-very-light-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>nmap -n -v -Pn &acirc;&euro;&ldquo;sV [host or network segment address] -p (default) 7001,7002 <\/p>\n\n\n\n<p>&#8211;script=weblogic-t3-info.nse<\/p>\n<\/div><\/div>\n<\/div><\/div>\n\n\n\n<p>As shown in the red box in the following figure, when the T3 protocol is enabled on the target and the current WebLogic version is vulnerable, if official patches fail to be installed, the target is vulnerable.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"466\" height=\"469\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/2.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-17962\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/2.jpg 466w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/2-298x300.jpg 298w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/2-150x150.jpg 150w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/2-200x201.jpg 200w\" sizes=\"(max-width: 466px) 100vw, 466px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Mitigation<\/h2>\n\n\n\n<p><strong>1. Patch Update<\/strong><\/p>\n\n\n\n<p>Oracle has released patches to fix these vulnerabilities. Affected users should visit the official security advisory link to download related patches as soon as possible and apply them as indicated in the readme file to ensure long-term effective protection.<\/p>\n\n\n\n<p>Note: Official patches of Oracle can be downloaded only by those with a licensed account of the software. Such users can use that account to log in to <a href=\"https:\/\/support.oracle.com\">https:\/\/support.oracle.com<\/a> to obtain the latest patches.<\/p>\n\n\n\n<p><strong>2. Workaround<\/strong><\/p>\n\n\n\n<p>If users cannot install patches for the time being, they can adopt the following mitigation measures:<\/p>\n\n\n\n<p><strong>2.1 Restricting Access to the T3 Protocol<\/strong><\/p>\n\n\n\n<p>Users can, through T3 access control, block attacks based on this vulnerability in the T3 protocol. WebLogic Server provides a default connection filter named weblogic.security.net.ConnectionFilterImpl. This filter accepts all inbound connections. Users are advised to configure a rule through this filter to control access to T3 and T3S protocols. The detailed procedure as follows:<\/p>\n\n\n\n<p>1. Access the administration console of WebLogic Server. Click <strong>base_domain<\/strong> in the left pane and then click the <strong>Security<\/strong> and <strong>Filter<\/strong> tabs successively to open the filter configuration page.<\/p>\n\n\n\n<p>2. Type <strong>weblogic.security.net.ConnectionFilterImpl<\/strong> in the <strong>Connection Filter<\/strong> field and configure connection filter rules as required in the <strong>Connection Filter Rules<\/strong> field. Rule formats are as follows:<\/p>\n\n\n\n<div class=\"wp-block-group has-very-light-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>127.0.0.1 * * allow t3 t3s<\/p>\n\n\n\n<p>Local IP * * allow t3 t3s <\/p>\n\n\n\n<p>Allowed IP * * allow t3 t3s<\/p>\n\n\n\n<p>* * * deny t3 t3s<\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-group has-very-light-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>Connection filter rules should be provided in the format of &#8220;target localAddress localPort action protocols&#8221;, where<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<ul class=\"wp-block-list\"><li><strong>target <\/strong>indicates one or more servers to be filtered.<\/li><li><strong>localAddress<\/strong> specifies the host address of the server. (An asterisk (*) indicates all local IP addresses.)<\/li><li><strong>localPort<\/strong> specifies the port that the server is listening on. (An asterisk (*) indicates all ports available on the server.)<\/li><li><strong>action<\/strong> specifies the action to be taken. (The value must be <strong>allow<\/strong> or <strong>deny<\/strong>.)<\/li><li><strong>protocols<\/strong> specifies the protocols to be filtered. (The value must be <strong>http<\/strong>, <strong>https<\/strong>, <strong>t3<\/strong>, <strong>t3s<\/strong>, <strong>giop<\/strong>, <strong>giops<\/strong>, <strong>dcom<\/strong>, or <strong>ftp<\/strong>.) If no protocol is specified, all protocols will be filtered.<\/li><\/ul>\n<\/div><\/div>\n<\/div><\/div>\n\n\n\n<p>3. Click <strong>Save<\/strong> to make the rules take effect. If rules do not take effect, users are advised to restart the WebLogic service. It should be noted that restarting the WebLogic service will cause the service interruption for a short while, and therefore users need to ask related personnel to evaluate the service impact before this operation. Here, the Windows environment is used as an example to describe how to restart the WebLogic service. The procedure is as follows:<\/p>\n\n\n\n<p>Navigate to the <strong>bin<\/strong> directory under the domain directory, and run the <strong>stopWebLogic.cmd<\/strong> file to terminate the WebLogic service in the Windows system, and run the <strong>stopWebLogic.sh<\/strong> file in the Linux system.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"377\" height=\"317\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/3.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-17964\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/3.jpg 377w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/3-300x252.jpg 300w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/08\/3-200x168.jpg 200w\" sizes=\"(max-width: 377px) 100vw, 377px\" \/><\/figure>\n\n\n\n<p>After the termination script is executed, run the <strong>startWebLogic.cmd<\/strong> or <strong>startWebLogic.sh<\/strong> file to start WebLogic to complete the restart of the WebLogic service.<\/p>\n\n\n\n<p><strong>2.2 Disabling the IIOP Protocol<\/strong><\/p>\n\n\n\n<p>To block attacks that exploit vulnerabilities in the IIOP protocol, users can disable the protocol by following these steps:<\/p>\n\n\n\n<p>Access the administration console of WebLogic Server, choose <strong>Services &gt; AdminServer &gt; Protocol<\/strong>, deselect <strong>Enable IIOP<\/strong>, and restart the WebLogic Server to make the setting take effect.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Statement<\/h2>\n\n\n\n<p>This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete any information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">About NSFOCUS<\/h2>\n\n\n\n<p>NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company&#8217;s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.<\/p>\n\n\n\n<p>NSFOCUS works with Fortune Global 500 companies, including four of the world&#8217;s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).<\/p>\n\n\n\n<p>A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.<\/p>\n<\/body><\/html>\n","protected":false},"excerpt":{"rendered":"<p>Overview On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying risk levels. Among these vulnerabilities, three severe ones are easy to exploit to affect WebLogic. Users are advised to take measures without delay to protect against the preceding vulnerabilities. CVE-2021-2382\/CVE-2021-2394\/CVE-2021-2397: These vulnerabilities [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":1469,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[6],"tags":[572,692,742],"class_list":["post-17959","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-emergency-response","tag-oracle","tag-threat-alert","tag-weblogic"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>WebLogic Multiple High-Risk Vulnerabilities Threat Alert - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WebLogic Multiple High-Risk Vulnerabilities Threat Alert - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Overview On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-10T03:38:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T18:07:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/07\/ORACLE-WebLogic-Server.png\" \/>\n<meta name=\"author\" content=\"Jie Ji\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"WebLogic Multiple High-Risk Vulnerabilities Threat Alert - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Overview On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/07\/ORACLE-WebLogic-Server.png\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jie Ji\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/\"},\"author\":{\"name\":\"Jie Ji\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/1077d8fcd7e52c96f17a33b63a0d157b\"},\"headline\":\"WebLogic Multiple High-Risk Vulnerabilities Threat Alert\",\"datePublished\":\"2021-08-10T03:38:01+00:00\",\"dateModified\":\"2026-04-17T18:07:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/\"},\"wordCount\":1140,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/ORACLE-WebLogic-Server.png\",\"keywords\":[\"Oracle\",\"Threat Alert\",\"WebLogic\"],\"articleSection\":[\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/\",\"name\":\"WebLogic Multiple High-Risk Vulnerabilities Threat Alert - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/ORACLE-WebLogic-Server.png\",\"datePublished\":\"2021-08-10T03:38:01+00:00\",\"dateModified\":\"2026-04-17T18:07:45+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/ORACLE-WebLogic-Server.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/ORACLE-WebLogic-Server.png\",\"width\":381,\"height\":213,\"caption\":\"Oracle WebLogic Server logo on white background.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WebLogic Multiple High-Risk Vulnerabilities Threat Alert\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/1077d8fcd7e52c96f17a33b63a0d157b\",\"name\":\"Jie Ji\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"caption\":\"Jie Ji\"},\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/jji\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WebLogic Multiple High-Risk Vulnerabilities Threat Alert - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"WebLogic Multiple High-Risk Vulnerabilities Threat Alert - NSFOCUS","og_description":"Overview On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying","og_url":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/","og_site_name":"NSFOCUS","article_published_time":"2021-08-10T03:38:01+00:00","article_modified_time":"2026-04-17T18:07:45+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/07\/ORACLE-WebLogic-Server.png","type":"","width":"","height":""}],"author":"Jie Ji","twitter_card":"summary_large_image","twitter_title":"WebLogic Multiple High-Risk Vulnerabilities Threat Alert - NSFOCUS","twitter_description":"Overview On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/07\/ORACLE-WebLogic-Server.png","twitter_misc":{"Escrito por":"Jie Ji","Est. tempo de leitura":"6 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/"},"author":{"name":"Jie Ji","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/1077d8fcd7e52c96f17a33b63a0d157b"},"headline":"WebLogic Multiple High-Risk Vulnerabilities Threat Alert","datePublished":"2021-08-10T03:38:01+00:00","dateModified":"2026-04-17T18:07:45+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/"},"wordCount":1140,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/07\/ORACLE-WebLogic-Server.png","keywords":["Oracle","Threat Alert","WebLogic"],"articleSection":["Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/","url":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/","name":"WebLogic Multiple High-Risk Vulnerabilities Threat Alert - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/07\/ORACLE-WebLogic-Server.png","datePublished":"2021-08-10T03:38:01+00:00","dateModified":"2026-04-17T18:07:45+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/07\/ORACLE-WebLogic-Server.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/07\/ORACLE-WebLogic-Server.png","width":381,"height":213,"caption":"Oracle WebLogic Server logo on white background."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/weblogic-multiple-high-risk-vulnerabilities-threat-alert\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"WebLogic Multiple High-Risk Vulnerabilities Threat Alert"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/1077d8fcd7e52c96f17a33b63a0d157b","name":"Jie Ji","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","caption":"Jie Ji"},"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/jji\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/17959","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=17959"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/17959\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/1469"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=17959"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=17959"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=17959"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}