SB2018041912 - Remote code execution in Oracle WebLogic Server
Published: April 19, 2018 Updated: May 1, 2018
Security Bulletin ID
SB2018041912
CSH Severity
High
Patch available
NO
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Deserialization of untrusted data (CVE-ID: CVE-2018-2628)
CWE-ID: CWE-502 - Deserialization of Untrusted Data
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists in Weblogic server WLS Core Components due to deserialization of untrusted data. A remote attacker can use T3 protocol and execute arbitrary code with elevated privileges.
The vulnerability is been actively exploited in the wild.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.