Critical #Weblogic flaw needs to be patched. #infosec #oracle

The patch is in the July 2018 CPU patch.

What can happen: An attacker can gain control over the Weblogic server without knowing the password.

Affected versions.,,, and

Reference URL:

Known Attacks. There are two proof of concept attacks published on (I’m not posting the links for good reason.) and there are two known active attacks going on in the wild. ISC SANS and Netlab 360 is tracking attacks.

To Do: 1) Block port 7001 internally until patched.

2) Patch Weblogic with the July 2018 CPU patch set.
Patch URL:

This entry was posted in infosec. Bookmark the permalink.

Leave a Reply