Oracle WebLogic Server Multiple Vulnerabilities (CVE-2017-9805)

Critical Nessus Plugin ID 103663


An application server installed on the remote host is affected by multiple vulnerabilities.


The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities, including unauthenticated remote code execution and denial-of-service.


Apply the appropriate patch according to the CVE-2017-9805 Oracle Security Alert Advisory.

See Also

Plugin Details

Severity: Critical

ID: 103663

File Name: oracle_weblogic_server_CVE-2017-9805.nbin

Version: $Revision: 1.18 $

Type: local

Family: Misc.

Published: 2017/10/04

Dependencies: 73913, 11936

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C


Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:oracle:fusion_middleware, cpe:/a:oracle:weblogic_server

Required KB Items: Oracle/WLS/Installed

Patch Publication Date: 2017/09/22

Vulnerability Publication Date: 2017/09/05

Reference Information

CVE: CVE-2017-5638, CVE-2017-7672, CVE-2017-9787, CVE-2017-9791, CVE-2017-9793, CVE-2017-9804, CVE-2017-9805, CVE-2017-12611

BID: 96729, 99484, 99562, 99563, 100609, 100611, 100612, 100829

OSVDB: 160547, 160703, 160704, 156668, 160703, 164610, 164828