
Oracle has released its October 2024 Critical Patch Update (CPU), addressing 329 vulnerabilities across a wide range of products. Among them are five vulnerabilities in the Oracle WebLogic Server Core component that carry serious impact if left unpatched.
The most severe, tracked as CVE-2024-21216 (CVSS 9.8), allows an unauthenticated attacker with network access via the T3 or IIOP protocols to compromise the server; successful exploitation results in a complete takeover of Oracle WebLogic Server. The affected versions are 12.2.1.4.0 and 14.1.1.0.0.
Four further vulnerabilities, tracked as CVE-2024-21274, CVE-2024-21215, CVE-2024-21234, and CVE-2024-21260, all carry a CVSS score of 7.5 and affect the same WebLogic Server versions. These flaws can lead to denial-of-service conditions or unauthorized access to critical data.
T3 (WebLogic's proprietary RMI transport) and IIOP (the CORBA-based transport) are used for RMI and EJB communication between WebLogic and other Java programs, and both are enabled on the default network channel in a standard WebLogic installation. This makes these vulnerabilities particularly concerning: an attacker who can reach the listen port over either protocol needs no credentials to exploit them and gain unauthorized access to sensitive data or disrupt critical services.
Oracle urges all users to apply the updates immediately, prioritizing WebLogic instances that expose the T3 and IIOP protocols to the internet. Where patching must wait, restricting which source addresses can reach the T3 and IIOP channels (for example with WebLogic connection filters, or by disabling the protocols on internet-facing channels) reduces exposure, but it is not a substitute for the patch.
For more information, refer to Oracle's advisory.
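The following is an added example, not code from the article or from Oracle, showing how a practitioner could check whether a WebLogic listen port speaks T3 and whether the version it advertises is one the advisory names. It assumes the T3 greeting and HELO reply format used by widely deployed scanners (for instance nmap's weblogic-t3-info script); the host and port are placeholders and the sample replies are constructed, not captured from a real server. One caveat the code encodes: a version banner of 12.2.1.4.0 does not reveal whether the October 2024 patch has been applied, so a match is a prompt to check the patch inventory (for example with OPatch), not a confirmation that the host is vulnerable.

```python
"""Probe a WebLogic listen port for the T3 protocol and compare the
advertised version against the versions named in the advisory.

Added example, not part of the original article. Assumptions: the T3
greeting ("t3 <ver>\\nAS:<n>\\nHL:19\\n\\n") is answered with a
"HELO:<version>.<flag>\\n..." block when the channel speaks T3, as the
common scanner implementations assume; host/port values are placeholders.
"""

import re
import socket
from dataclasses import dataclass
from typing import Optional

# Versions the October 2024 CPU names as affected for the WebLogic Core CVEs.
ADVISORY_VERSIONS = {"12.2.1.4.0", "14.1.1.0.0"}

# Client-side greeting. The version string is what a T3 client claims to be;
# a server with T3 enabled answers with its own version in a HELO line.
T3_HANDSHAKE = b"t3 12.2.1\nAS:255\nHL:19\n\n"

# Dotted numeric version directly after "HELO:" (a trailing ".true/.false"
# flag follows in real replies; we deliberately do not interpret it).
HELO_RE = re.compile(rb"^HELO:(\d+(?:\.\d+)*)")


@dataclass
class T3Result:
    t3_enabled: bool            # reply began with HELO: (channel speaks T3)
    version: Optional[str]      # advertised WebLogic version, if any
    version_in_advisory: bool   # version is one the CPU lists as affected
    raw: bytes                  # raw reply, for manual review


def parse_t3_response(data: bytes) -> T3Result:
    """Classify a server reply to the T3 greeting.

    A reply starting with 'HELO:' means the port speaks T3; the dotted number
    after it is the server version. Anything else (an HTTP response, an empty
    read, a reset) is reported as 'T3 not confirmed', not 'safe': the patch
    level must still be checked on the host, because the banner does not
    change when a Critical Patch Update is applied to the same version line.
    """
    m = HELO_RE.match(data)
    if not m:
        return T3Result(False, None, False, data)
    version = m.group(1).decode()
    return T3Result(True, version, version in ADVISORY_VERSIONS, data)


def probe_t3(host: str, port: int = 7001, timeout: float = 5.0) -> T3Result:
    """Send the greeting to a live host and classify the reply.

    Network I/O; not exercised offline. Reads until the blank line that ends
    the HELO block, the peer closes, or the timeout expires.
    """
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(T3_HANDSHAKE)
        try:
            while True:
                chunk = s.recv(1024)
                if not chunk:
                    break
                chunks.append(chunk)
                if b"\n\n" in chunk:
                    break
        except socket.timeout:
            pass
    return parse_t3_response(b"".join(chunks))


# Constructed sample replies (not captured from any real host).
SAMPLE_T3_REPLY = b"HELO:12.2.1.4.0.false\nAS:2048\nHL:19\nMS:10000000\nPN:DOMAIN\n\n"
SAMPLE_OTHER_VERSION_REPLY = b"HELO:12.2.1.3.0.false\nAS:2048\nHL:19\n\n"
SAMPLE_HTTP_REPLY = b"HTTP/1.1 400 Bad Request\r\n\r\n"


if __name__ == "__main__":
    for sample in (SAMPLE_T3_REPLY, SAMPLE_OTHER_VERSION_REPLY, SAMPLE_HTTP_REPLY):
        r = parse_t3_response(sample)
        print(f"t3_enabled={r.t3_enabled} version={r.version} "
              f"in_advisory={r.version_in_advisory}")
    # Against a real target (placeholder host), use:
    # print(probe_t3("weblogic.example.internal", 7001))
```

Run it against a listen port you are authorised to test with `probe_t3(host, port)`; a `t3_enabled=True` result on an internet-facing address is exactly the exposure the advisory asks administrators to prioritise, regardless of whether the version matches.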