
Oracle has released a patch for a critical vulnerability in its WebLogic Server product that could lead to a complete takeover of the server. The flaw is easily exploitable and does not require authentication, making it an attractive target for attackers.
The vulnerability, tracked as CVE-2024-21181 with a CVSS score of 9.8, allows an unauthenticated attacker with network access via the T3 or IIOP protocols to compromise Oracle WebLogic Server. Successful exploitation grants full control over the server, potentially exposing sensitive data, disrupting operations, or turning the compromised server into a launching pad for further attacks inside the network.
The versions of Oracle WebLogic Server officially confirmed to be affected are 12.2.1.4.0 and 14.1.1.0.0. Older, unsupported versions are likely vulnerable as well, and because they no longer receive fixes they significantly expand the attack surface.
Oracle has released patches to address this flaw. Administrators are strongly advised to apply them immediately, following the instructions in the patch readme to ensure correct installation and lasting protection.
If patching is not immediately feasible, Oracle recommends the following temporary measures, which reduce exposure but do not remove the underlying flaw:
- Restrict T3 protocol access: limit T3 (and T3S) to trusted source addresses, for example with a WebLogic connection filter, or disable it altogether if no client needs it.
- Disable the IIOP protocol: turn IIOP off on every network channel unless an application actually depends on it.
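Whichever mitigation is chosen, it should be verified from an untrusted network position rather than assumed from the configuration. The following script is an added example (not from Oracle or the original article) that sends the plain-text greeting a T3 client uses to open a session and checks whether the server answers with a `HELO` line, which means T3 is being served to the probing host. The greeting format and the `HELO:<version>.<secure>` reply shape are assumptions based on the T3 protocol as commonly observed, not a documented Oracle API; the host, port and version list are the example's own.

```python
import socket
import sys
from typing import Dict, Optional

# Assumed T3 greeting: a client announces itself with "t3 <version>" and
# two handshake headers, terminated by a blank line.
T3_HELLO = b"t3 12.2.1\nAS:255\nHL:19\n\n"

# Versions the advisory lists as affected. The advertised version does not
# change when the patch is applied, so this only says "in-scope release",
# never "unpatched".
AFFECTED_VERSIONS = {"12.2.1.4.0", "14.1.1.0.0"}


def parse_t3_response(data: bytes) -> Optional[Dict[str, object]]:
    """Parse the server's reply to the T3 greeting.

    Returns the advertised version, the secure flag and the handshake
    headers when the reply is a T3 HELO, otherwise None (connection
    closed, filtered, or a non-T3 listener answered).
    """
    text = data.decode("ascii", errors="replace")
    if not text.startswith("HELO:"):
        return None
    head, _, rest = text.partition("\n")
    # Assumed shape: "HELO:12.2.1.4.0.false" -> version "12.2.1.4.0", secure "false"
    body = head[len("HELO:"):]
    version, _, secure = body.rpartition(".")
    headers: Dict[str, str] = {}
    for line in rest.split("\n"):
        if ":" in line:
            key, _, value = line.partition(":")
            headers[key.strip()] = value.strip()
    return {"version": version, "secure": secure == "true", "headers": headers}


def assess(result: Optional[Dict[str, object]]) -> str:
    """Turn a parsed reply into a short verdict for the operator."""
    if result is None:
        return "t3-not-served"
    if result["version"] in AFFECTED_VERSIONS:
        return "t3-served-affected-release"
    return "t3-served-other-release"


def probe_t3(host: str, port: int = 7001, timeout: float = 5.0) -> Optional[Dict[str, object]]:
    """Connect, send the T3 greeting, read until the blank-line terminator."""
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(T3_HELLO)
        try:
            while True:
                chunk = sock.recv(4096)
                if not chunk:
                    break
                chunks.append(chunk)
                if b"\n\n" in chunk:
                    break
        except socket.timeout:
            pass  # treat a silent listener the same as a closed one
    return parse_t3_response(b"".join(chunks))


if __name__ == "__main__":
    # Usage: python t3probe.py <host> [port]   (host/port are operator-supplied)
    target = sys.argv[1]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 7001
    reply = probe_t3(target, target_port)
    print(target, target_port, assess(reply), reply)
```

Run it once from a host that should be allowed and once from one that should be denied: after a connection filter that allows T3 only from trusted addresses (an allow rule for those addresses followed by a catch-all such as `0.0.0.0/0 * * deny t3 t3s iiop iiops`, in WebLogic's `target localAddress localPort action protocols` rule syntax), the denied vantage point should report `t3-not-served`. A `HELO` reply from an untrusted network means the mitigation is not in effect, regardless of what the console shows.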



