Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

The version of Oracle WebLogic Server installed on the remote host is affected by a remote code execution vulnerability in the WLS Core Components subcomponent due to unsafe deserialization of Java objects by the RMI registry. An unauthenticated remote attacker can exploit this, via a crafted serialized Java object, to execute arbitrary code.

The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities:

  - Vulnerabilities in the Oracle WebLogic Server component of Oracle     Fusion Middleware (subcomponent: WLS Core Components). Easily     exploitable vulnerabilities allow unauthenticated attacker     with network access via T3 to compromise Oracle WebLogic Server.     Successful attacks of this vulnerabilities can result in takeover     of Oracle WebLogic Server. Supported versions that are affected:
     - 10.3.6.0: CVE-2018-3191, CVE-2018-3245, CVE-2018-3252
     - 12.1.3.0: CVE-2018-3191, CVE-2018-3197, CVE-2018-3245, CVE-2018-3252
     - 12.2.1.3: CVE-2018-3191, CVE-2018-3201, CVE-2018-3245, CVE-2018-3252

  - Vulnerabilities in the Oracle WebLogic Server component of Oracle     Fusion Middleware (subcomponent: WLS - Web Services). Easily     exploitable vulnerabilities allow unauthenticated attacker with     network access via HTTP to compromise Oracle WebLogic Server.
    Successful attacks of this vulnerabilities can result in     unauthorized access to critical data. Supported versions that     are affected:
     - 10.3.6.0: CVE-2018-3248, CVE-2018-3249, CVE-2018-3250
     - 12.1.3.0: CVE-2018-3246
     - 12.2.1.3: CVE-2018-3246

  - Vulnerability in the Oracle WebLogic Server component of Oracle     Fusion Middleware (subcomponent: Docker Images). The supported     version that is affected is prior to Docker 12.2.1.3.20180913.
    Easily exploitable vulnerability allows unauthenticated attacker     with network access via T3 to compromise Oracle WebLogic Server.
    Successful attacks of this vulnerability can result in     unauthorized access to critical data or complete access to all     Oracle WebLogic Server accessible data. (CVE-2018-3213)

  - Vulnerability in the Oracle WebLogic Server component of Oracle     Fusion Middleware (subcomponent: Console). Supported versions     that are affected are 10.3.6.0 and 12.1.3.0. Easily exploitable     vulnerability allows low privileged attacker with network access     via HTTP to compromise Oracle WebLogic Server. Successful attacks     of this vulnerability can result in unauthorized read access to     a subset of Oracle WebLogic Server accessible data.
    (CVE-2018-2902)

ID	Name	Product	Family	Severity
124462	Oracle WebLogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.3 Java Object Deserialization RCE (CVE-2018-3191)	Nessus	Web Servers	critical
118205	Oracle WebLogic Server Multiple Vulnerabilities (October 2018 CPU)	Nessus	Misc.	critical

Detections

Analytics

CVE-2018-3191

critical

Tenable Plugins

critical

critical