CVSS3: 9.8 High (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS2: 7.5 High (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
EPSS: 0.249 Low, Percentile 96.2%
On 17 April 2019, 360CERT detected the security bulletin that Oracle released on 17 April. The bulletin disclosed multiple high-risk vulnerabilities in WebLogic Server affecting several WebLogic components.
360CERT determined that the vulnerabilities covered by this security update affect a wide range of deployments; an attacker exploiting them could remotely obtain access to the WebLogic Server. 360CERT recommends that all users install the WebLogic patches to avoid being attacked.
0x01 vulnerability ratings
CVE-2019-2658: serious
CVE-2019-2646: serious
CVE-2019-2645: high-risk
CVE-2018-1258: high-risk
CVE-2019-2647: high-risk
CVE-2019-2648: high-risk
CVE-2019-2649: high-risk
CVE-2019-2650: high-risk
CVE-2019-2618: - risk
CVE-2019-2568: - risk
CVE-2019-2615: - risk
0x02 affected components
The WLS Core Components
The WLS Core Components (Spring Framework)
The EJB Container
WLS – Web Services
0x03 affected versions
Oracle WebLogic Server:
10.3.6.0.0
12.1.3.0.0
12.2.1.3.0
0x04 remediation recommendations
Apply the upgrade patch.
If the T3 protocol is not needed for JVM communication, disable the T3 protocol.
Upgrade patch
Oracle official update link: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Disable the T3 protocol
Open the WebLogic console, go to the base_domain configuration page, open the Security tab, click Filter, and configure a connection filter.
In the Connection Filter field, enter weblogic.security.net.ConnectionFilterImpl; in the Connection Filter Rules box, enter the following rule:
* * 7001 deny t3 t3s
Save; the change takes effect without a restart.
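The rule entered above follows WebLogic's connection filter syntax (target, local address, local port, action, protocol list). To show what the rule does and does not cover, the following added example (not code from 360CERT or Oracle) is a small evaluator for rules in that format, run against a few constructed connection attempts. It assumes, based on my reading of the documented ConnectionFilterImpl behaviour, that rules are evaluated in order, the first matching rule wins, and a connection that matches no rule is allowed; the sample addresses and the helper names (parse_rules, evaluate) are my own.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Tuple

# One connection filter rule: "target localAddress localPort action protocols..."
@dataclass(frozen=True)
class Rule:
    target: str          # remote host/IP, IP/netmask, or "*"
    local_address: str   # server-side address or "*"
    local_port: str      # server-side listen port or "*"
    action: str          # "allow" or "deny"
    protocols: Tuple[str, ...]


def parse_rule(line: str) -> Rule:
    """Parse a single rule line; raises ValueError on malformed input."""
    parts = line.split()
    if len(parts) < 5:
        raise ValueError(f"rule needs at least 5 fields: {line!r}")
    target, local_addr, local_port, action, *protocols = parts
    action = action.lower()
    if action not in ("allow", "deny"):
        raise ValueError(f"action must be allow or deny: {line!r}")
    if local_port != "*" and not local_port.isdigit():
        raise ValueError(f"local port must be a number or *: {line!r}")
    return Rule(target, local_addr, local_port, action,
                tuple(p.lower() for p in protocols))


def parse_rules(text: str) -> List[Rule]:
    """Parse the contents of the Connection Filter Rules box (blank lines ignored)."""
    return [parse_rule(line) for line in text.splitlines() if line.strip()]


def _address_matches(pattern: str, address: str) -> bool:
    """Match an address field: "*", a network (CIDR or IP/netmask), an IP or a hostname."""
    if pattern == "*":
        return True
    try:
        network = ipaddress.ip_network(pattern, strict=False)
    except ValueError:
        # Not an IP/network: treat as a literal hostname comparison (assumption).
        return pattern.lower() == address.lower()
    try:
        return ipaddress.ip_address(address) in network
    except ValueError:
        return False


def rule_matches(rule: Rule, remote: str, local: str, port: int, protocol: str) -> bool:
    return (_address_matches(rule.target, remote)
            and _address_matches(rule.local_address, local)
            and (rule.local_port == "*" or int(rule.local_port) == port)
            and protocol.lower() in rule.protocols)


def evaluate(rules: List[Rule], remote: str, local: str, port: int, protocol: str) -> str:
    """Return "allow" or "deny" for a connection. First matching rule wins;
    no match means allow (assumed default)."""
    for rule in rules:
        if rule_matches(rule, remote, local, port, protocol):
            return rule.action
    return "allow"


if __name__ == "__main__":
    # The rule from the advisory, applied to constructed connection attempts.
    rules = parse_rules("* * 7001 deny t3 t3s")
    server = "10.0.0.1"
    for remote, port, proto in [("203.0.113.5", 7001, "t3"),
                                ("203.0.113.5", 7001, "http"),
                                ("203.0.113.5", 7002, "t3s")]:
        print(f"{remote} -> {server}:{port} {proto}: {evaluate(rules, remote, server, port, proto)}")
```

Two things the evaluator makes visible: the rule only denies T3/T3S on port 7001, so a server that also serves T3 on another listen port or network channel needs a matching rule for that port as well, and HTTP traffic on 7001 is unaffected. Where an internal host legitimately needs T3, an allow rule placed before the deny (for example `10.0.0.0/255.255.0.0 * 7001 allow t3 t3s`) keeps that access while still blocking everything else.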
0x05 timeline
2019-04-17 Oracle official release security Bulletin
2019-04-17 360CERT warning