Critical Vulnerabilities in Oracle WebLogic Server

Published on 22 Jan 2021

Updated on 22 Jan 2021

Oracle's January 2021 Critical Patch Update addresses six vulnerabilities in Oracle WebLogic Server. Five of them can be exploited by an unauthenticated attacker over the network (via HTTP or the T3/IIOP protocols) and lead to a full takeover of the server; the sixth, CVE-2021-2109, requires a highly privileged account but already has a public proof-of-concept exploit.


The vulnerabilities are:

  • CVE-2021-2109 - Vulnerability in the Console component of Oracle WebLogic Server (Oracle Fusion Middleware). Affected versions are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. The vulnerability is easily exploitable and allows a high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful exploitation can result in takeover of Oracle WebLogic Server. A proof-of-concept exploit for this vulnerability is publicly available.
  • CVE-2021-1994 - Vulnerability in the Web Services component of Oracle WebLogic Server (Oracle Fusion Middleware). Affected versions are 10.3.6.0.0 and 12.1.3.0.0. The vulnerability is easily exploitable and allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful exploitation can result in takeover of Oracle WebLogic Server.
  • CVE-2021-2047 - Vulnerability in the Core Components of Oracle WebLogic Server (Oracle Fusion Middleware). Affected versions are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. The vulnerability is easily exploitable and allows an unauthenticated attacker with network access via IIOP or T3 to compromise Oracle WebLogic Server. Successful exploitation can result in takeover of Oracle WebLogic Server.
  • CVE-2021-2064 - Vulnerability in the Core Components of Oracle WebLogic Server (Oracle Fusion Middleware). Version 12.1.3.0.0 is affected. The vulnerability is easily exploitable and allows an unauthenticated attacker with network access via IIOP or T3 to compromise Oracle WebLogic Server. Successful exploitation can result in takeover of Oracle WebLogic Server.
  • CVE-2021-2108 - Vulnerability in the Core Components of Oracle WebLogic Server (Oracle Fusion Middleware). Version 12.1.3.0.0 is affected. The vulnerability is easily exploitable and allows an unauthenticated attacker with network access via IIOP or T3 to compromise Oracle WebLogic Server. Successful exploitation can result in takeover of Oracle WebLogic Server.
  • CVE-2021-2075 - Vulnerability in the Samples component of Oracle WebLogic Server (Oracle Fusion Middleware). Affected versions are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. The vulnerability is easily exploitable and allows an unauthenticated attacker with network access via IIOP or T3 to compromise Oracle WebLogic Server. Successful exploitation can result in takeover of Oracle WebLogic Server.

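Four of the six issues are reachable only through the T3/IIOP listener, so the first triage question on any WebLogic host is "which version is answering on port 7001, and is T3 enabled?" The script below is an added example (not part of this advisory and not Oracle's code): it sends the T3 handshake that a WebLogic listener answers with a `HELO:<version>` banner, normalises the version to the five-component form Oracle uses, and maps it to the CVEs listed above. The host name, port and the sample banners are constructed for illustration.

```python
#!/usr/bin/env python3
"""Fingerprint a WebLogic T3 listener and map its version to the
January 2021 CPU CVEs. Added example for this advisory, not Oracle's code."""
import re
import socket
import sys

# Affected versions exactly as listed in the advisory above.
AFFECTED = {
    "CVE-2021-2109": {"10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0"},
    "CVE-2021-1994": {"10.3.6.0.0", "12.1.3.0.0"},
    "CVE-2021-2047": {"10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0"},
    "CVE-2021-2064": {"12.1.3.0.0"},
    "CVE-2021-2108": {"12.1.3.0.0"},
    "CVE-2021-2075": {"10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0"},
}

# Client side of the T3 handshake. A listener with T3 enabled replies with a
# line such as "HELO:12.2.1.4.0.false"; a connection filter that denies T3,
# or a non-WebLogic service, returns something else or closes the socket.
T3_HELLO = b"t3 12.2.1\nAS:255\nHL:19\n\n"
_HELO_RE = re.compile(rb"HELO:(\d+(?:\.\d+)+)\.(?:true|false)")


def normalize_version(version: str) -> str:
    """Pad a dotted version to five components ("10.3.6.0" -> "10.3.6.0.0")
    so that banner values compare equal to Oracle's affected-version strings."""
    parts = version.split(".")
    while len(parts) < 5:
        parts.append("0")
    return ".".join(parts[:5])


def parse_t3_banner(data: bytes):
    """Extract the server version from a T3 HELO response.
    Returns None when the response is not a completed T3 handshake."""
    match = _HELO_RE.search(data)
    if not match:
        return None
    return normalize_version(match.group(1).decode("ascii"))


def cves_for_version(version: str) -> list:
    """Return the CVEs from the advisory whose affected list contains `version`."""
    return sorted(cve for cve, versions in AFFECTED.items() if version in versions)


def assess(banner: bytes) -> dict:
    """Combine banner parsing and CVE lookup into one triage record."""
    version = parse_t3_banner(banner)
    return {
        "t3_enabled": version is not None,
        "version": version,
        "cves": cves_for_version(version) if version else [],
    }


def probe_t3(host: str, port: int = 7001, timeout: float = 5.0) -> dict:
    """Connect to a live listener, send the handshake and assess the reply.
    Only run this against hosts you are authorised to test."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(T3_HELLO)
        data = sock.recv(1024)
    return assess(data)


if __name__ == "__main__":
    # Offline demonstration on constructed banners (no network access needed).
    for sample in (b"HELO:12.2.1.4.0.false\nAS:2048\nHL:19\nMS:10000000\n\n",
                   b"HELO:10.3.6.0.false\nAS:2048\nHL:19\n\n",
                   b"HTTP/1.1 400 Bad Request\r\n\r\n"):
        print(sample[:24], "->", assess(sample))
    if len(sys.argv) > 1:  # e.g. ./t3check.py weblogic.example.internal 7001
        print(probe_t3(sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 7001))
```

Two caveats when reading the output. The banner reports the release, not the patch level, so a matching version means the host is in scope for the update but does not prove it is still unpatched; confirm with `opatch lsinventory` from the Oracle home, or check the PSU level in the server log. Conversely, a listener that does not answer the handshake may still be running a vulnerable release behind a connection filter; a filter rule such as `0.0.0.0/0 * * deny t3 t3s` is the standard way to keep T3/IIOP off untrusted networks while the patch is rolled out, and it does nothing for the HTTP-reachable issues (CVE-2021-1994 and the Console vulnerability CVE-2021-2109).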

Users and system administrators of the affected products are advised to apply the January 2021 Critical Patch Update immediately, prioritising WebLogic instances whose T3/IIOP listeners or administration console are reachable from untrusted networks.


More information is available here:

https://www.oracle.com/security-alerts/cpujan2021.html

https://nvd.nist.gov/vuln/detail/CVE-2021-1994

https://nvd.nist.gov/vuln/detail/CVE-2021-2047

https://nvd.nist.gov/vuln/detail/CVE-2021-2064

https://nvd.nist.gov/vuln/detail/CVE-2021-2108

https://nvd.nist.gov/vuln/detail/CVE-2021-2075

https://nvd.nist.gov/vuln/detail/CVE-2021-2109