Privilege escalation in Oracle WebLogic Server



Published: 2018-07-17 | Updated: 2020-04-07
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-2894
CWE-ID CWE-264
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe 		Oracle WebLogic Server
Server applications / Application servers

Vendor Oracle

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Privilege escalation

EUVDB-ID: #VU13906

Risk: Low

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-2894

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to gain elevated privileges on the target system on the target system.

The vulnerability exists due to  flaw in the Oracle WebLogic Server WLS - Web Services component. A remote unauthenticated attacker can gain elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle WebLogic Server: 10.3.6.0.0 - 12.2.1.3.0

External links

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###