Oracle WebLogic Server high-risk security vulnerability alerts-a vulnerability alert-the black bar safety net

2019 04 May 17, 360CERT detection to the Oracle in 4 December 17 release of the security Bulletin. The security Bulletin disclosed the WebLogic Server there are multiple high-risk vulnerabilities that affect multiple WebLogic components.
360CERT it is determined that the security updates for vulnerabilities affecting a wide range, the hackers make use of vulnerabilities could be remotely access the WebLogic Server permission, the recommendations of the majority of users to install WebLogic patches, so as not to suffer hacker attacks.

0x01 vulnerability rating
CVE-2019-2658: serious
CVE-2019-2646: serious
CVE-2019-2645: high-risk
CVE-2018-1258: high-risk
CVE-2019-2647: high-risk
CVE-2019-2648: high-risk
CVE-2019-2649: high-risk
CVE-2019-2650: high-risk
CVE-2019-2618: - risk
CVE-2019-2568: - risk
CVE-2019-2615: - risk

0x02 affect the component
The WLS Core Components
The WLS Core Components (Spring Framework)
The EJB Container
WLS – Web Services

0x03 impact version
Oracle WebLogic Server:
10.3.6.0.0
12.1.3.0.0
12.2.1.3.0

0x04 repair recommendations
Upgrade patch
If it does not rely on the T3 Protocol for the JVM communication, disable the T3 Protocol.
Upgrade patch
Oracle official update link address: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Disable the T3 Protocol
Enter the WebLogic console, in the base_domain configuration page, enter the Security tab page, click the filter to configure a filter.
In the connection Filter, enter: weblogic. security. net. ConnectionFilterImpl, in the connection filter rules box, enter* * 7001 deny t3 t3s
Save to take effect without restart

0x05 timeline
2019-04-17 Oracle official release security Bulletin
2019-04-17 360CERT warning