New QID for detecting RCE in WebLogic Server

Document created by Dave Ferguson (Qualys employee) on Feb 7, 2018. Last modified by Dave Ferguson on Feb 7, 2018.

Hello all -

The Qualys WAS scanning engine has been updated with a new vulnerability detection for a serious flaw in Oracle's WebLogic Server, specifically CVE-2017-10271. If successfully exploited, this vulnerability allows a remote attacker to run arbitrary code on the targeted system. Not good!

Vulnerable versions of WebLogic Server are:

  • 10.3.6.0.0
  • 12.1.3.0.0
  • 12.2.1.1.0
  • 12.2.1.2.0

QID 150196 will be reported if this vulnerability is detected during a scan. Because it is a remote code execution (RCE) vulnerability, it is rated severity "5", the most severe rating in WAS. To remediate this issue, apply Oracle's Critical Patch Update that addresses CVE-2017-10271.
