Oracle WebLogic Server 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, and 12.2.1.4.0 T3 Access Attack

Severity: Critical | Nessus Network Monitor Plugin ID 701276

Synopsis

Oracle WebLogic Server 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, and 12.2.1.4.0 are affected by a vulnerability that may result in takeover of the server.

Description

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows an unauthenticated attacker with network access via the T3 protocol (WebLogic's proprietary RMI transport, served on the same listen port as HTTP, 7001 by default) to compromise Oracle WebLogic Server. Successful attacks on this vulnerability can result in takeover of Oracle WebLogic Server.

Solution

Upgrade to Oracle WebLogic Server version 12.2.1.4.1 or later.
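The precondition in the description above is an unauthenticated T3 connection. The script below is an added example, not part of this plugin or of Oracle's software: it sends the plaintext T3 client hello, parses the HELO banner the listener answers with, and reports whether the advertised release is one of the four listed here. The banner layout (HELO:<version>.<boolean>, followed by AS and HL headers and a blank line) is assumed from the public T3 handshake; the sample responses in the code are constructed, and the hostnames and ports are placeholders.

```python
"""Probe a WebLogic listen port for T3 and compare the advertised release
against the versions named in this advisory (added example, not plugin code)."""
import re
import socket

# Releases listed in the advisory, truncated to four components because the
# T3 banner is compared on major.minor.release.patch (assumption: the fifth
# component in Oracle's version strings is a patch-set digit).
AFFECTED_RELEASES = {"10.3.6.0", "12.1.3.0", "12.2.1.3", "12.2.1.4"}

# Minimal T3 client hello: protocol tag and version, abbreviation size (AS),
# header length (HL), terminated by a blank line.
T3_HELLO = b"t3 12.2.1\nAS:255\nHL:19\n\n"


def parse_t3_banner(data: bytes):
    """Return the version string from a 'HELO:<version>.<bool>' reply, or None
    when the port did not answer as a T3 listener (e.g. an HTTP error page)."""
    text = data.decode("ascii", errors="replace")
    match = re.search(r"HELO:(\d+(?:\.\d+)*)", text)
    return match.group(1) if match else None


def release_of(version: str) -> str:
    """Collapse a banner version to the four components used for matching."""
    return ".".join(version.split(".")[:4])


def is_affected_release(version: str) -> bool:
    return release_of(version) in AFFECTED_RELEASES


def assess(banner: bytes):
    """Classify a raw reply as ('no-t3' | 'affected-release' | 'other-release', version)."""
    version = parse_t3_banner(banner)
    if version is None:
        return ("no-t3", None)
    if is_affected_release(version):
        return ("affected-release", version)
    return ("other-release", version)


def probe_t3(host: str, port: int = 7001, timeout: float = 5.0) -> bytes:
    """Send the T3 hello and read the reply up to the terminating blank line."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(T3_HELLO)
        data = b""
        while b"\n\n" not in data and len(data) < 4096:
            chunk = sock.recv(1024)
            if not chunk:
                break
            data += chunk
    return data


if __name__ == "__main__":
    # Constructed sample replies, standing in for a live probe_t3("weblogic.example", 7001).
    samples = [
        b"HELO:12.2.1.3.0.false\nAS:2048\nHL:19\n\n",
        b"HELO:14.1.1.0.0.false\nAS:2048\nHL:19\n\n",
        b"HTTP/1.1 400 Bad Request\r\n\r\n",
    ]
    for reply in samples:
        print(assess(reply))
```

Two caveats apply when reading the result. The banner reports the release, not the patch level, so a host on 12.2.1.3.0 that already carries the April 2020 PSU still shows as affected-release here; confirm the installed patches with OPatch on the host before raising a finding. Conversely, a no-t3 result on the default port does not prove T3 is unreachable: T3 may be served on a separate network channel, so check every channel, and if T3 is not needed from a given network block it with a WebLogic connection filter rather than relying on the banner.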

See Also

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.zerodayinitiative.com/advisories/ZDI-20-504/

https://www.zerodayinitiative.com/advisories/ZDI-20-570/

Plugin Details

Severity: Critical

ID: 701276

Family: Generic

Published: 5/18/2020

Updated: 5/18/2020

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:weblogic_server

Patch Publication Date: 4/16/2020

Vulnerability Publication Date: 4/15/2020

Reference Information

CVE: CVE-2020-2883