Oracle WebLogic Remote Code Execution via T3

Description
  • Oracle released a Critical Patch Update to address CVE-2018-2893, an unsafe Java deserialization vulnerability in the WLS Core Components subcomponent of WebLogic Server. An unauthenticated, remote attacker can exploit it by sending a crafted Java object over the T3 protocol, executing arbitrary Java code in the context of the WebLogic server.

    The fix for the WebLogic remote code execution vulnerability (CVE-2018-2893) was incomplete. The vulnerability addressed by the follow-up fix is assigned CVE-2018-3245.
Remediation
  • Upgrade to the latest version of Oracle WebLogic Server. This issue was fixed in the Oracle Critical Patch Update Advisory - July 2018.
References