The patch is in the July 2018 CPU patch.
What can happen: An attacker can gain control over the WebLogic server without knowing the password.
Affected versions. 10.3.6.0, 184.108.40.206, 220.127.116.11, and 18.104.22.168
Reference URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2893
Known Attacks. There are two proof-of-concept attacks published on github.com (I'm not posting the links, for good reason), and there are two known active attacks going on in the wild. ISC SANS and Netlab 360 are tracking the attacks.
To Do: 1) Block port 7001 internally until patched.
2) Patch WebLogic with the July 2018 CPU patch set.