This script is Copyright (C) 2017 Tenable Network Security, Inc.
An application server installed on the remote host is affected by a
remote code execution vulnerability.
The version of Oracle WebLogic Server installed on the remote host is
affected by a remote code execution vulnerability in the Core
Components subcomponent due to unsafe deserialization of Java objects
by the RMI registry. An unauthenticated, remote attacker can exploit
this, via a crafted Java object, to execute arbitrary Java code in the
context of the WebLogic server.
See also :
Apply the appropriate patch according to the January 2017 Oracle
Critical Patch Update advisory.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true