Critical #Weblogic flaw needs to be patched. #infosec #oracle

The patch is in the July 2018 CPU patch.

What can happen: An attacker can gain control over the Weblogic server without knowing the password.

Affected versions.  10.3.6.0, 12.1.3.0, 12.2.1.2, and 12.2.1.3

Reference URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2893

Known Attacks. There are two proof of concept attacks published on gethub.com. (I’m not posting the links for good reason.) and there are two known active attacks going on in the wild. ISC SANS and Netlab 360 is tracking attacks.

To Do: 1) Block port 7001 internally until patched.

2) Patch Weblogic with the July 2018 CPU patch set.
Patch URL:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Leave a Reply