Oracle WebLogic Server Java Object RMI Connect-Back Deserialization RCE (January 2017 CPU)
Critical Nessus Plugin ID 96610
Synopsis
An application server installed on the remote host is affected by a remote code execution vulnerability.
Description
The version of Oracle WebLogic Server installed on the remote host is affected by a remote code execution vulnerability in the Core Components subcomponent. The RMI layer deserializes Java objects received from unauthenticated clients without restricting which classes the stream may instantiate. A crafted object that embeds an RMI remote reference causes the server to open a connection back to an attacker-controlled endpoint (the connect-back named in the title) and deserialize whatever that endpoint returns, so the attacker supplies the gadget chain rather than depending on one being reachable in the initial request. An unauthenticated, remote attacker can exploit this, via a crafted Java object, to execute arbitrary Java code in the context of the WebLogic server process.
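The two patterns behind this class of bug, as an added illustration that is not Oracle's code, not the Nessus plugin, and not a reproduction of the WebLogic vulnerability: a receiver that calls readObject() on untrusted bytes and only afterwards casts, versus one that enforces a class allowlist in resolveClass() so nothing outside the expected types is ever instantiated. The ConnectBackGadget class, the allowlist contents, and the endpoint string are all hypothetical; the "connect-back" is simulated by recording the endpoint rather than opening a socket.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InvalidClassException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamClass;
import java.io.Serializable;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

public final class DeserializationDemo {

    /**
     * Hypothetical stand-in for a connect-back gadget. Its readObject runs as a
     * side effect of ObjectInputStream.readObject(), before the receiver casts the
     * result to the type it expected. A real RMI remote reference would dial the
     * embedded endpoint here; this one only records it.
     */
    static final class ConnectBackGadget implements Serializable {
        private static final long serialVersionUID = 1L;
        static volatile String lastEndpoint;
        private final String endpoint;

        ConnectBackGadget(String endpoint) { this.endpoint = endpoint; }

        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            lastEndpoint = endpoint;   // the "dial out" happens inside deserialization
        }
    }

    /** Vulnerable pattern: whatever class the stream names is instantiated, then cast. */
    static Object unsafeRead(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return in.readObject();
        }
    }

    /**
     * Hardened pattern: resolveClass is consulted for every class descriptor in the
     * stream, including superclasses, before that class is instantiated, so an
     * allowlist here stops a gadget before its constructor or readObject can run.
     */
    static final class AllowlistInputStream extends ObjectInputStream {
        // Demo allowlist (assumption), not WebLogic's; Number is listed because Integer's
        // superclass descriptor is resolved as well.
        private static final Set<String> ALLOWED = new HashSet<>(Arrays.asList(
                "java.lang.String", "java.lang.Integer", "java.lang.Number",
                "java.util.HashMap", "java.util.ArrayList"));

        AllowlistInputStream(InputStream in) throws IOException { super(in); }

        @Override
        protected Class<?> resolveClass(ObjectStreamClass desc)
                throws IOException, ClassNotFoundException {
            String name = desc.getName();
            if (!ALLOWED.contains(name)) {
                throw new InvalidClassException(name, "not on deserialization allowlist");
            }
            return super.resolveClass(desc);
        }
    }

    static Object safeRead(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new AllowlistInputStream(new ByteArrayInputStream(data))) {
            return in.readObject();
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed inputs: a hostile stream and the benign map the receiver actually expects.
        byte[] hostile = serialize(new ConnectBackGadget("attacker.example:1099"));
        byte[] benign = serialize(new HashMap<>(Collections.singletonMap("count", 1)));

        // 1. Naive receiver: the cast fails, but the gadget has already "connected back".
        try {
            Map<?, ?> m = (Map<?, ?>) unsafeRead(hostile);
            System.out.println("unexpected: " + m);
        } catch (ClassCastException e) {
            System.out.println("unsafe: cast failed, gadget already dialled "
                    + ConnectBackGadget.lastEndpoint);
        }
        ConnectBackGadget.lastEndpoint = null;

        // 2. Allowlisting receiver: rejected in resolveClass, and the gadget never ran.
        try {
            safeRead(hostile);
        } catch (InvalidClassException e) {
            System.out.println("safe: rejected " + e.classname
                    + ", gadget ran: " + (ConnectBackGadget.lastEndpoint != null));
        }
        System.out.println("safe: benign payload -> " + safeRead(benign));
    }
}
```

The point of the first branch is that the cast is the only check a naive receiver has, and it comes too late: every readObject hook in the stream has already executed. The allowlist approach works because resolveClass runs before instantiation; a denylist of known gadget classes does not, since a connect-back lets the attacker introduce new classes after the first stream has been accepted. Compile and run with `javac DeserializationDemo.java && java DeserializationDemo`.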
Solution
Apply the appropriate patch according to the January 2017 Oracle Critical Patch Update advisory. Restart the affected WebLogic instances after patching so the updated classes are loaded, then rescan to confirm the finding no longer reports.