Oracle Weblogic Server 10.3.6.0 takeover Remote Code Execution Vulnerability
The information has been provided by Craig Blackie.
The original article can be found at: http://www.securityfocus.com/bid/95465
* Oracle Weblogic Server 10.3.6.0
* Oracle Weblogic Server 18.104.22.168
* Oracle Weblogic Server 22.214.171.124
* Oracle Weblogic Server 126.96.36.199
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 188.8.131.52, 184.108.40.206 and 220.127.116.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS v3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).
Publish Date : 2017-01-27
Last Update Date : 2017-01-31