Description
Oracle's July 2018 Critical Patch Update addressed a vulnerability (CVE-2018-2893) in the WLS Core Components subcomponent of Oracle WebLogic Server caused by unsafe deserialization of Java objects received over the T3 protocol. An unauthenticated, remote attacker with network access to the T3 listener can exploit it by sending a crafted serialized Java object and execute arbitrary Java code in the context of the WebLogic Server process.
The fix for CVE-2018-2893 was incomplete: it could be bypassed, and the bypass was assigned CVE-2018-3245. Servers that received only the July 2018 patch therefore remain exploitable in the same way.
Remediation
Upgrade to a version of Oracle WebLogic Server that includes the Oracle Critical Patch Update - October 2018 (which fixes CVE-2018-3245) or later; the July 2018 update alone is not sufficient. In addition, or as an interim measure, disable or restrict access to the T3 and T3S protocols from untrusted networks, for example with a WebLogic connection filter (weblogic.security.net.ConnectionFilterImpl) whose rules deny t3 and t3s except from known administrative hosts. Verify after patching that T3 is no longer reachable from the networks the server is exposed to.
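To check whether the T3 listener is actually exposed (the precondition for both CVE-2018-2893 and CVE-2018-3245), the following Python script is added here as an example; it is not part of the original entry or of Oracle's own tooling. It sends the plaintext T3 handshake a WebLogic client sends and parses the server's HELO reply, which carries the server version. The host, port and the sample reply used in the offline check are assumptions, not observed data.

```python
"""Probe a host for an exposed WebLogic T3 listener and report the advertised version.

Added example for checking the remediation ("disable/restrict access to T3").
Assumptions: the default listen port 7001 and the constructed SAMPLE_REPLY below.
"""
import re
import socket
from typing import Dict, Optional

# First message of the T3 handshake. A WebLogic server that accepts T3 answers
# with a "HELO:<version>.<flag>" line; a filtered listener closes the socket
# or returns nothing useful.
T3_PROBE = b"t3 12.2.1\nAS:255\nHL:19\n\n"

# Example: HELO:12.2.1.3.0.false  ->  version "12.2.1.3.0", flag "false"
HELO_RE = re.compile(rb"^HELO:(?P<version>\d+(?:\.\d+)*)\.(?P<flag>true|false)\n")


def parse_t3_response(data: bytes) -> Optional[Dict[str, str]]:
    """Parse a T3 HELO reply. Returns None when the data is not a T3 reply."""
    m = HELO_RE.match(data)
    if m is None:
        return None
    result = {
        "version": m.group("version").decode(),
        "flag": m.group("flag").decode(),
    }
    # Remaining "KEY:value" header lines (e.g. AS = abbrev size, HL = header length).
    for line in data[m.end():].split(b"\n"):
        if b":" in line:
            key, value = line.split(b":", 1)
            result[key.decode(errors="replace")] = value.decode(errors="replace")
    return result


def t3_exposed(data: bytes) -> bool:
    """True if the reply proves T3 is reachable (the only state an attacker needs)."""
    return parse_t3_response(data) is not None


def probe_t3(host: str, port: int = 7001, timeout: float = 5.0) -> Optional[Dict[str, str]]:
    """Connect to host:port, send the T3 handshake and parse the reply.

    Returns None when the port does not speak T3 (connection refused, reset,
    timeout, or a non-T3 reply such as an HTTP error).
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(T3_PROBE)
            data = sock.recv(1024)
    except (OSError, socket.timeout):
        return None
    return parse_t3_response(data)


# Constructed sample reply in the format a WebLogic 12.2.1.3 server returns.
SAMPLE_REPLY = b"HELO:12.2.1.3.0.false\nAS:2048\nHL:19\n\n"
# Constructed non-T3 reply, e.g. from a port that only serves HTTP.
SAMPLE_HTTP_REPLY = b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n\r\n"


if __name__ == "__main__":
    import sys

    # Usage: python probe_t3.py <host> [port]   (assumed hypothetical target)
    target = sys.argv[1] if len(sys.argv) > 1 else "weblogic.example.internal"
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 7001
    info = probe_t3(target, port)
    if info is None:
        print(f"{target}:{port}: T3 not reachable (filtered, closed, or not WebLogic)")
    else:
        print(f"{target}:{port}: T3 EXPOSED, WebLogic version {info['version']}")
```

A HELO reply means the deserialization path reached by these CVEs is open to whoever can reach the port; the version string only tells you which patch level the server claims, not whether the October 2018 fix is applied, so treat any exposed listener on an unpatched or unknown build as vulnerable.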