Oracle Weblogic Server 10.3.6.0 takeover Remote Code Execution Vulnerability
The information has been provided by Craig Blackie.
The original article can be found at: http://www.securityfocus.com/bid/95465
* Oracle Weblogic Server 10.3.6.0
* Oracle Weblogic Server 126.96.36.199
* Oracle Weblogic Server 188.8.131.52
* Oracle Weblogic Server 184.108.40.206
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 220.127.116.11, 18.104.22.168 and 22.214.171.124. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS v3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).
Publish Date : 2017-01-27
Last Update Date : 2017-01-31