2 matches found
Oracle WebLogic Server Deployment Service Servlet Insecure Deserialization (CVE-2018-3252)
An insecure deserialization vulnerability exists in the Oracle WebLogic Server Deployment Service . The vulnerability is due to the lack of input validation by the servlet. A successful attack could lead to a remote code execution...
CVE-2018-3252
CVE-2018-3252 affects Oracle WebLogic Server (WLS Core Components). Affected are Oracle Fusion Middleware WebLogic Server versions 10.3.6.0, 12.1.3.0, and 12.2.1.3. An unauthenticated attacker with network access via T3 can compromise the server, with potential takeover and high-impact confidenti...