Chinese cyber-security research team has found 0-day vulnerability from Oracle WebLogic. Oracle Weblogic is affected by RCE attack.
Oracle software maker team has just release WebLogic patches before 4 days. Because the company releases security updates every three months, an update to address this issue won’t be released for three more months, until July.
New Oracle #WebLogic #RCE#Deserialization 0-day Vulnerability. No vendor fix yet! Speak to @waratek for guaranteed active protection against 0-day RCE attacks with no blacklists, signatures, or profiling #NoSourceCodeChangesApril 24, 2019
WEBLOGIC ZERO DAY VULNERABILITY
The researchers say that attackers are targeting Oracle WebLogic servers running the WLS9_ASYNC and WLS-WSAT components. This vulnerability affects all Weblogic versions (including the latest version) that have the wls9_async_response.war and wls-wsat.war components enabled.
Alternative solution, to prevent this attack, remove vulnerable components and restart WebLogic server. Put Firewall and filter URL access for the /_async/* and /wls-wsat/* paths.