Outbreak Alert

Oracle WebLogic Server Vulnerability

Released: May 05, 2023

Updated: May 08, 2023

Download PDF »

Oracle WebLogic Server Vulnerability

High Severity

Oracle Vendor

Vulnerability Type

Attackers target vulnerable WebLogic servers

Known exploited vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware. This vulnerability allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data on the Oracle WebLogic Server and the confidentiality impact of the vulnerability is rated as "High". Learn More »

Common Vulnerabilities and Exposures

CVE-2023-21839

Background

Oracle WebLogic Server is a unified and extensible platform for developing, deploying and running enterprise applications, such as Java, for on-premises and in the cloud. The affected versions of Oracle WebLogic server include 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0.

Threat Radar Overall Score:

	CVSS Rating	7.0
	FortiRecon Score	96/100
	Known Exploited	Yes
	Exploit Prediction Score	95.84%
	FortiGuard Telemetry	491

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.

January, 2023: Oracle released a critical patch update advisory
https://www.oracle.com/security-alerts/cpujan2023.html

May 1, 2023: CISA added CVE-2023-21839 in CISA's Known Exploited Vulnerabilities Catalog (KEV).

May 2, 2023: FortiGuards Labs released a Threat Signal on the vulnerability
https://www.fortiguard.com/threat-signal-report/5154

FortiGuard Labs has released an IPS signature to detect and block attack attempts targeting vulnerable Oracle WebLogic Server and also recommends organizations to review and patch affected versions as recommended in the vendor advisory.

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.

PROTECT

DETECT

RESPOND

Assisted Response Services
Automated Response

RECOVER

InfoSec Services

IDENTIFY

Attack Surface Monitoring (Inside & Outside)

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.

Loading ...

References

Sources of information in support and relation to this Outbreak and vendor.

The Hacker News

Learn More »

CISA KEV

Learn More »

About FortiGuard Outbreak Alerts

Learn More »

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Outbreak Alert

Oracle WebLogic Server Vulnerability

Attackers target vulnerable WebLogic servers

Common Vulnerabilities and Exposures

Background

Threat Radar Overall Score: 4.0

Latest Development

FortiGuard Cybersecurity Framework

Threat Intelligence

Indicators of compromise IOC Threat Activity

References

The Hacker News

CISA KEV

About FortiGuard Outbreak Alerts

Threat Intelligence
Center

Threat Radar Overall Score:

Indicators of compromise
IOC Threat Activity