Cybersecurity specialists report the detection of at least 25 vulnerabilities in Oracle WebLogic Server. According to the report, successful exploitation of these flaws would allow threat actors to deploy multiple attack variants.
Below are brief descriptions of some of the reported flaws, in addition to their respective identification keys and scores assigned according to the Common Vulnerability Scoring System (CVSS).
CVE-2020-13956: Insufficient validation of user-provided input in Apache HttpClient would allow remote threat actors to pass a request URI to the library as a java.net.URI object and force the application to choose the wrong target host for request execution.
The flaw received a CVSS score of 5.7/10.
CVE-2018-1324: A bug in the ZipFile and ZipArchiveInputStream classes handling malicious inputs would allow remote attackers to send a specially crafted ZIP file, trigger an infinite loop, and lead to a denial-of-service (DoS) condition.
The vulnerability received a CVSS score of 4.6/10.
CVE-2019-10219: Improper validation of inputs within the web services component (JBoss Enterprise Application Platform) would allow unauthenticated remote attackers to read and manipulate data on the system.
This is a medium severity vulnerability and received a CVSS score of 5.3/10.
CVE-2022-21386: Improper validation of entries within the web container component in the affected application would allow unauthenticated remote hackers to access sensitive information on the target system.
The flaw received a CVSS score of 5.3/10.
CVE-2022-21262: Improper validation of entries within the Samples component in Oracle WebLogic Server would allow remote threat actors to access sensitive information from the affected system.
This flaw received a CVSS score of 5.3/10.
CVE-2022-21261: Incorrect input validation within the Samples component would allow unauthenticated remote attackers to manipulate data on the affected system.
This is a medium severity vulnerability and received a CVSS score of 5.3/10.
CVE-2022-21260: Improper validation of entries within the Samples component in Oracle WebLogic Server would allow remote hackers to read and manipulate sensitive data on the affected system.
The flaw received a CVSS score of 5.3/10.
CVE-2022-21259: Incorrect input validation within the Samples component would allow unauthenticated threat actors to manipulate data on a target system.
The vulnerability received a CVSS score of 5.3/10.
CVE-2022-21258: Incorrect input validation in Samples would allow remote hackers to read and manipulate data on affected systems.
The flaw received a CVSS score of 5.3/10.
CVE-2022-21257: Incorrect validation of inputs in the Samples component would allow unauthenticated remote attackers to manipulate data on the target system.
The flaw received a CVSS score of 5.3/10.
According to the report, the flaws detected reside in the following versions of Oracle WebLogic Server: 12.2.1.4.0, 14.1.1.0.0.
While most vulnerabilities can be exploited by unauthenticated threat actors, so far no active exploitation attempts or the existence of a malware variant associated with the attack have been detected. Still, Oracle recommends users of the affected application update as soon as possible.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.