WebLogic

WebLogic T3/IIOP Information Disclosure Vulnerability (CVE-2024-21006/CVE-2024-21007)

April 18, 2024

Overview

Recently, NSFOCUS CERT detected that Oracle has released a security announcement fixing two information disclosure vulnerabilities (CVE-2024-21006/CVE-2024-21007) in Oracle WebLogic Server. Because of defects in the T3/IIOP protocols, unauthenticated attackers can send malicious requests to servers affected via T3/IIOP and gain access to sensitive information on the target system. Affected users should take measures […]

WebLogic Multiple High-Risk Vulnerabilities Threat Alert

August 10, 2021

Overview

On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying risk levels. Among these vulnerabilities, three severe ones that affect WebLogic are easy to exploit. Users are advised to take measures without delay to protect against the preceding vulnerabilities. CVE-2021-2382/CVE-2021-2394/CVE-2021-2397: These vulnerabilities […]

WebLogic Multiple Severe Vulnerabilities Threat Alert

May 6, 2021

Vulnerability Description

On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe, easy to exploit, and affect WebLogic. Users are advised to take measures without delay to protect against the preceding vulnerabilities. CVE-2021-2135: This […]

WebLogic Multiple Remote Code Execution Vulnerabilities Threat Alert

January 22, 2021

Vulnerability Description

On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and assigned CVE-2021-1994, CVE-2021-2047, CVE-2021-2064, CVE-2021-2108, CVE-2021-2075, CVE-2019-17195, and CVE-2020-14756. Unauthenticated attackers could exploit these vulnerabilities to execute code remotely. These vulnerabilities are assigned a CVSS Base Score of 9.8 and are easy to exploit. Users are advised to take measures without delay to protect against the preceding vulnerabilities.

WebLogic Console HTTP Remote Code Execution Vulnerability (CVE-2020-14882) Protection Solution

November 16, 2020

Overview

The Critical Patch Update (CPU) for October 2020 released by Oracle contains a high-risk WebLogic Console remote code execution vulnerability (CVE-2020-14882).

The vulnerability can be triggered without authentication and has an extensive impact.

Unauthenticated attackers might construct special HTTP GET requests to exploit this vulnerability to execute arbitrary code on the affected WebLogic Server.

WebLogic High-Risk Vulnerabilities (CVE-2020-14841, CVE-2020-14825, CVE-2020-14859) Threat Alert

November 6, 2020

Overview

On October 21, 2020, Beijing time, Oracle released Critical Patch Update (CPU) for October 2020 that fixes 402 vulnerabilities of different risk levels.

The WebLogic Server Core component is prone to three severe vulnerabilities with a CVSS base score of 9.8, which are assigned CVE-2020-14841, CVE-2020-14825, and CVE-2020-14859 respectively.

WebLogic Remote Code Execution Vulnerabilities (CVE-2020-14625, CVE-2020-14644, CVE-2020-14645, CVE-2020-14687) Threat Alert

August 7, 2020

Overview

On July 15, 2020, Beijing time, Oracle released a Critical Patch Update (CPU) for July 2020 that fixes 443 vulnerabilities of different risk levels.

The WebLogic Server Core component is prone to four severe vulnerabilities with a CVSS base score of 9.8, which are assigned CVE-2020-14625, CVE-2020-14644, CVE-2020-14645, and CVE-2020-14687 respectively.

These vulnerabilities are related to T3 and IIOP protocols and allow unauthenticated attackers to execute code remotely via the Internet.

T3 and IIOP are the protocols used to transmit data between WebLogic and other Java programs. The default WebLogic installation automatically enables the console, which in turn enables the T3 protocol by default. IIOP, which is also enabled by default, allows access to remote objects in the form of Java interfaces.

WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution

May 19, 2020

Overview

Oracle released Critical Patch Update (CPU) for April 2020 that fixes multiple vulnerabilities of different risk levels, including two critical ones (CVE-2020-2883 and CVE-2020-2884) with a CVSS score of 9.8 that allow unauthenticated attackers with network access via T3 to compromise vulnerable Oracle WebLogic Server. Successful exploitation could result in takeover of Oracle WebLogic Server, hence remote code execution.

The two vulnerabilities that exist in the Core component of WebLogic Server could be exploited without authentication or additional interaction. Since the T3 protocol is enabled by default on the WebLogic console, the two vulnerabilities can cause an extensive impact. Affected users are strongly advised to apply protection measures as soon as possible for risk aversion.

WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2801, CVE-2020-2883, and CVE-2020-2884) Threat Alert

May 4, 2020

Overview

On April 15, 2020, Beijing time, Oracle released Critical Patch Update (CPU) for April 2020 that fixes 397 vulnerabilities of different risk levels.

These vulnerabilities include three critical ones (CVE-2020-2801, CVE-2020-2883, and CVE-2020-2884) that target Oracle WebLogic Server with a CVSS score of 9.8.

These vulnerabilities allow unauthenticated attackers with network access via T3 to compromise vulnerable Oracle WebLogic Server. Successful exploitation could result in takeover of Oracle WebLogic Server, hence remote code execution.

Weblogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Security Alert

January 29, 2020

Overview

In the January 2020 Critical Patch Update (CPU) officially released by Oracle, a remote code execution vulnerability (CVE-2020-2551) in the IIOP protocol of the WebLogic WLS component was announced.