A Chinese cyber-security research team has found a 0-day vulnerability in Oracle WebLogic that exposes the server to remote code execution (RCE) attacks.

Oracle released its latest WebLogic patches just 4 days ago. Because the company releases security updates every three months, an update to address this issue won’t be released for three more months, until July.

New Oracle #WebLogic #RCE #Deserialization 0-day Vulnerability. No vendor fix yet! Speak to @waratek for guaranteed active protection against 0-day RCE attacks with no blacklists, signatures, or profiling #NoSourceCodeChanges

— Waratek (@waratek) April 24, 2019


The researchers say that attackers are targeting Oracle WebLogic servers running the WLS9_ASYNC and WLS-WSAT components. The vulnerability affects all WebLogic versions (including the latest version) that have the wls9_async_response.war and wls-wsat.war components enabled.

As an alternative solution to prevent this attack, remove the vulnerable components and restart the WebLogic server. Put a firewall in place and filter URL access to the /_async/* and /wls-wsat/* paths.
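To check whether the URL filter is holding, the access log can be scanned for requests that still reach the two paths. The following is an added example, not code from the researchers or from Oracle; it assumes Common Log Format, uses constructed log lines and made-up sub-paths, and matches case-insensitively as a conservative choice.

```python
import posixpath
import re
from urllib.parse import unquote

# Path prefixes taken from the article's mitigation advice.
BLOCKED_PREFIXES = ("/_async", "/wls-wsat")
# Request line of a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def normalize_path(target):
    """Reduce a request target to a canonical, lower-cased path."""
    path = target.split("?", 1)[0].split("#", 1)[0]
    for _ in range(2):  # decode twice to unmask double encoding (%255f)
        path = unquote(path)
    path = path.replace("\\", "/")
    # Drop ";param" suffixes from each segment, e.g. /_async;x=1/...
    path = "/".join(seg.split(";", 1)[0] for seg in path.split("/"))
    # Collapse repeated slashes and resolve "." and ".." segments.
    return posixpath.normpath("/" + path.lstrip("/")).lower()

def is_blocked(target):
    """True when the normalized path is, or sits under, a blocked prefix."""
    path = normalize_path(target)
    return any(path == p or path.startswith(p + "/") for p in BLOCKED_PREFIXES)

def flag_requests(log_lines):
    """Return (client, method, target) for each request to a blocked path."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if m and is_blocked(m.group("target")):
            hits.append((line.split(" ", 1)[0], m["method"], m["target"]))
    return hits

# Constructed sample lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Apr/2019:10:00:01 +0000] "GET /app/index.jsp HTTP/1.1" 200 512',
    '198.51.100.7 - - [25/Apr/2019:10:00:05 +0000] "POST /_async/example HTTP/1.1" 202 0',
    '198.51.100.7 - - [25/Apr/2019:10:00:09 +0000] "POST /%5Fasync/example HTTP/1.1" 202 0',
    '203.0.113.4 - - [25/Apr/2019:10:01:12 +0000] "GET //wls-wsat//example HTTP/1.1" 200 90',
    '203.0.113.4 - - [25/Apr/2019:10:01:15 +0000] "GET /app/../WLS-WSAT/example HTTP/1.1" 200 90',
    '192.0.2.10 - - [25/Apr/2019:10:02:00 +0000] "GET /_asyncfoo/page HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for client, method, target in flag_requests(SAMPLE_LOG):
        print(client, method, target)
```

Any hit with a success status after the filter is deployed means the rule is being bypassed or the component is still reachable on another listener.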

Attacks have also been detected targeting CVE-2018-2628, CVE-2018-2893 and CVE-2018-2894, another set of Oracle WebLogic flaws.

