Oracle WebLogic multiple high-risk vulnerabilities warning

1. Basic situation

Oracle has released its April 2021 Critical Patch Update, which contains 390 security patches across its product lines, including WebLogic Server and Business Intelligence Enterprise Edition. Among them are several high-risk WebLogic Server vulnerabilities: CVE-2021-2136, CVE-2021-2135 and CVE-2021-2157. They require no authentication and are of low exploitation complexity, and two of them allow a full takeover of the server. Affected users are advised to apply the official patches promptly, inventory their exposed WebLogic instances, and put mitigations in place in the meantime.

2. Vulnerability description

Oracle WebLogic Server is Oracle's Java EE application server middleware for cloud and on-premises environments, supporting the entire lifecycle of an application from development to production.

1. CVE-2021-2136: An unauthenticated attacker with network access to the IIOP listener can send a crafted request to WebLogic Server and ultimately take over the server.

2. CVE-2021-2135: An unauthenticated attacker with network access via the T3 or IIOP protocol can send a crafted request to WebLogic Server and ultimately take over the server.

3. CVE-2021-2157: An unauthenticated attacker with network access via HTTP can send a crafted request to WebLogic Server and gain unauthorized read access to a subset of the server's data.

3. Affected versions

WebLogic Server 12.1.3.0.0

WebLogic Server 12.2.1.3.0

WebLogic Server 12.2.1.4.0

WebLogic Server 14.1.1.0.0

WebLogic Server 10.3.6.0.0
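For the asset self-check the advisory recommends, the following is an added example (not code from the advisory or from Oracle) that sends the standard T3 client hello to a listener, parses the `HELO:<version>.<true|false>` line a reachable T3 service answers with, and compares the reported release against the affected list above. The hostname, port and sample responses are constructed for illustration.

```python
import re
import socket
import sys

# Release lines listed as affected in the advisory above.
AFFECTED_VERSIONS = {
    "10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0",
}

# Minimal T3 client hello. A reachable T3 listener answers with a line of the
# form "HELO:<server version>.<true|false>" followed by AS/HL/MS parameters.
T3_HELLO = b"t3 12.2.1\nAS:255\nHL:19\nMS:10000000\n\n"

_HELO_RE = re.compile(rb"^HELO:(\d+(?:\.\d+)+)\.(?:true|false)\n")


def parse_t3_banner(data: bytes) -> dict:
    """Classify the first bytes a listener sends back in reply to T3_HELLO.

    Returns a dict with:
      t3_open  - True only if a T3 HELO handshake line came back
      version  - the release string from the HELO line, else None
      affected - True if that release is in the advisory's affected list
      note     - the first response line (for anything that is not a HELO)
    """
    m = _HELO_RE.match(data)
    if m:
        version = m.group(1).decode("ascii")
        return {
            "t3_open": True,
            "version": version,
            "affected": version in AFFECTED_VERSIONS,
            "note": "",
        }
    first_line = data.split(b"\n", 1)[0].rstrip(b"\r").decode("ascii", "replace")
    return {
        "t3_open": False,
        "version": None,
        "affected": False,
        "note": first_line or "no data (connection closed or filtered)",
    }


def probe_t3(host: str, port: int = 7001, timeout: float = 5.0) -> dict:
    """Connect, send the T3 hello and classify the reply.

    A refused connection or a timeout is reported as t3_open=False rather
    than raised: for an exposure check, "not reachable" is a valid answer.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(T3_HELLO)
            data = sock.recv(1024)
    except OSError as exc:
        return {
            "t3_open": False,
            "version": None,
            "affected": False,
            "note": f"connect/recv failed: {exc}",
        }
    return parse_t3_banner(data)


if __name__ == "__main__":
    # Hypothetical default target; pass host and port on the command line.
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 7001
    print(f"{target}:{target_port} -> {probe_t3(target, target_port)}")
```

Run the probe from the network segments an attacker would sit on (the internet-facing side, not the management network), since connection filters decide by source address. Note that the HELO line carries the release, not the patch level: a 12.2.1.4.0 server with the April 2021 patch applied still reports 12.2.1.4.0, so `affected` here means "in an affected release line"; confirm the installed patch with `opatch lsinventory` on the host.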

4. Security advice

1. Official fix:

Oracle has published security patches for these vulnerabilities in the April 2021 Critical Patch Update. Affected users should download and install the patches for their release as soon as possible.

https://www.oracle.com/security-alerts/cpuapr2021.html

2. Temporary mitigations:

If your deployment does not depend on the T3 and IIOP protocols for communication between JVMs, you can temporarily block them to mitigate CVE-2021-2136 and CVE-2021-2135: T3 with a WebLogic connection filter, and IIOP by disabling it on each server (Servers > Protocols > IIOP in the administration console). Keep in mind that T3 is also used by WLST, deployment tooling and cluster communication between managed servers, so restrict it to trusted networks rather than blocking it outright where those are in use. CVE-2021-2157 is reached over HTTP and is not covered by this mitigation; only the patch addresses it.
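As an added worked example (not part of the advisory or of Oracle's documentation), the connection filter rules that implement the block described above. The rules are entered under Domain > Security > Filter in the administration console, with Connection Filter set to `weblogic.security.net.ConnectionFilterImpl` and the lines placed in Connection Filter Rules; each rule is `target localAddress localPort action protocols`, and rules are evaluated in order with the first match winning. The management range 10.0.0.0/24 is an assumption; replace it with the addresses of your administrators, deployment hosts and managed servers.

```text
10.0.0.0/24 * * allow t3 t3s iiop iiops
0.0.0.0/0   * * deny  t3 t3s iiop iiops
```

The allow rule must precede the deny rule, otherwise the catch-all matches first and cluster and administration traffic over T3 is cut off as well. After activating the change, verify from an untrusted segment that the T3 listener no longer completes its handshake, and remove the rules once the patch is applied if the protocols are needed.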

5. Reference link

https://www.oracle.com/security-alerts/cpuapr2021.html

Source: https://cstis.cn/post/85deadca-4e86-0cf4-45ee-0a95faa9dc8d
