Detections
Analytics
Oracle WebLogic Unsupported Version Detection
critical Nessus Plugin ID 109345
Language:
Synopsis
The remote host is running an unsupported version of a WebLogic server.Description
According to its version, the installation of Oracle WebLogic running on the remote host is no longer supported per:- Error Correction Support Dates for Oracle WebLogic Server (Doc ID 950131.1)
Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.
Solution
Upgrade to a version of Oracle WebLogic that is currently supported.See Also
https://support.oracle.com/knowledge/Middleware/950131_1.html
https://support.oracle.com/knowledge/Middleware/944866_1.html
Plugin Details
Severity: Critical
ID: 109345
File Name: oracle_weblogic_unsupported.nasl
Version: 1.28
Type: combined
Agent: windows, macosx, unix
Family: Misc.
Published: 4/26/2018
Updated: 2/23/2024
Configuration: Enable thorough checks
Supported Sensors: Nessus Agent, Nessus
Risk Information
CVSS Score Rationale: Tenable score for unsupported products.
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: manual
CVSS v3
Risk Factor: Critical
Base Score: 10
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/a:oracle:fusion_middleware, cpe:/a:oracle:weblogic_server
Reference Information
IAVA: 0001-A-0578