DESCRIPTION:
Oracle WebLogic is an application server used for building and hosting Java EE applications.
Two deserialization vulnerabilities (CVE-2019-2725 and CVE-2019-2729) have been identified in Oracle WebLogic Server. An unauthenticated attacker could exploit these remote code execution flaws by sending a specially crafted request to the server. A successful exploit would allow the attacker to execute arbitrary actions on the affected server.
AFFECTED RELEASES:
CVE-2019-2725:
Oracle WebLogic Server versions 10.3.6.0 and 12.1.3.0.
CVE-2019-2729:
Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0.
SOLUTION:
Affected users are recommended to install the patches provided by Oracle.
1. For CVE-2019-2725, download the patch via the Oracle Security Alert at https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html
2. For CVE-2019-2729, download the patch via the Oracle Security Alert at https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html
REFERENCE:
1. https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html
2. https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html
3. https://blogs.oracle.com/security/security-alert-cve-2019-2729-released
4. https://threatpost.com/oracle-warns-of-new-actively-exploited-weblogic-flaw/145829/
5. https://www.cisecurity.org/advisory/a-vulnerability-in-oracle-weblogic-could-allow-for-remote-code-execution_2019-068/
6. https://medium.com/@knownsec404team/knownsec-404-team-alert-again-cve-2019-2725-patch-bypassed-32a6a7b7ca15?postPublishedType=repub